Pull up your library website. Look in the address bar. Do you see a little lock that’s closed or open? Does your web address say HTTP or HTTPS? The ‘S’ at the end of HTTPS stands for ‘Secure’. It means all communications between your browser and the website are encrypted, so no one can see the data that is being sent.
It is very important that your library website is using HTTPS, especially on the accounts page. People visiting your site without HTTPS may also get warnings from their browsers telling them your site is not secure.
“HTTP is like writing things on a postcard, HTTPS is like writing things in a letter, and then putting it in an envelope and sealing it. The mailman/ISP can still see where the letter is going, but can only read the contents of the HTTP/postcard communication; all they know about the HTTPS/envelope is where it came from and where it’s going.”
Getting your website to https
- Connect with your IT manager or get ready to start the process if you’re the one with network access. Seek out options for purchasing SSL/TLS certificates If costs are a concern, check out Let’s Encrypt.
- Let’s Encrypt offers free certificates to anyone who owns a domain name. There is a robust community of support available to help install the certificates and get your site secured.
- Go to your library’s website. Is it secured with HTTPS?
- If your site is still operating with HTTP, connect with the IT Department or get ready to start the process if you’re the one with network access. Seek out options for purchasing SSL/TLS certifications.
- If your site is secured, visit a few library vendors to see if their sites are secure.