Gmail recently defaulted to a secure browser setting to help users who may not know enough about security to help themselves. According to this Information Week blog, this significant shift by Google is a reminder that there’s probably more you can do to secure your organization’s data and communications.
HTTP is the underlying protocol to the Web and HTTPS is the secure version of it; the one that sends and receives transmissions between a browser and the Web servers it’s connecting to in encrypted form. In the same way that many online storefronts rely on HTTPS to hide sensitive information such as credit card data from prying eyes (people who have access to the physical or wireless network over which the data is being transmitted), Gmail has always relied on HTTPS for its login process to ensure that user IDs and passwords are securely transmitted.
The move by Google comes on the heels of a coordinated attack on certain Gmail accounts in China which in turn is unfolding into a huge drama on the geopolitical and international business stages.