Tony Scott: HTTPS to Become Standard on All Public Federal Websites, Services

2 mins read
Tony Scott
Tony Scott
Tony Scott

Federal CIO Tony Scott has issued guidance for agencies to transition all public-facing federal websites and Web services to Hypertext Transfer Protocol Secure by Dec. 31, 2016, in efforts to ensure a secure connection.

In a memo sent Monday to the heads of executive departments and agencies, Scott said government websites will use the HTTPS protocol in efforts to foster data privacy and security.

He noted that while many agencies already use HTTPS for online services, the guidance builds on previous material from the Office of Management and Budget to increase adoption of the protocol across government.

Scott directed agencies to conduct a risk-based analysis to manage the transition of existing public websites and Web services, while all new websites and services must be available through HTTPS upon launch.

Agencies should also consider factors such as the impact on site performance, support for Server Name Indication, website content, Web clients, flexibility for updates, support for Domain Name System Security and implementation of HTTP Strict Transport Security, he added.

The guidance notes that the use of the unencrypted HTTP protocol makes the agency Web domain vulnerable to threat activities such as tracking, eavesdropping and manipulation of data.

Scott said HTTPS works to check the identity of a website and encrypt most information exchanged between the website and the user.

He also indicated that the adoption of HTTPS is cost-effective in that the benefits outweigh the administrative, development and financial cost of implementation.

ExecutiveGov Logo

Sign Up Now! Executive Gov provides you with Free Daily Updates and News Briefings about Government Technology

Leave a Reply

Your email address will not be published.

The Ultimate Guide to Winning Government Contracts Let us show you how top executives are winning so you can replicate it