You might have noticed something different about our websites: they’ve gone green! Here I’m talking about internet security, not the environment, and our move to “https” website addresses.
You may be familiar with website addresses starting with “http://” before adding “www” (world wide web). The difference with our sites is the “s” in https.
This means that we now have secure (https) websites whose addresses show up green in some browsers, so you know you’re on our official sites.
Getting these certificates has taken a lot of time and effort. So, why bother?
Because, as regular readers of the blog know, there is more to running a firm of solicitors than just practising law.
As Solicitor Director of Donoghue Solicitors I am responsible for all aspects of my firm. I am the Compliance Officer for Legal Practice, a title which goes beyond just practising law and extends to how the business is run, marketed, and managed.
I have to be aware of wider issues which affect society in general and adapt them to my firm. Regulators such as the Solicitors Regulation Authority, Information Commissioner’s Office, Legal Ombudsman, and others, expect it, but rarely give direct instructions, leading me to exercise my best judgement.
With that in mind I have been troubled by the increase in cyber-attacks over the past year. For example:
- You might recall the impact of last year’s “heartbleed” virus which led to many people changing passwords and checking their online security.
- Edward Snowden revealed how government organisations have been able to get access to people’s email and other online accounts.
- Hackers stole personal staff information from Sony’s computers, who were so rattled that they cancelled the release of “The Interview”, a satirical movie about North Korea.
- There has been an increase in fake websites which copy trusted sites so well that people can’t tell the difference, resulting in them providing personal details, credit card numbers etc. to the hackers.
- Even big, tech-savvy companies like Tesla Motors have had their websites hacked, causing significant disruption and damage.
Public trust in the legal profession, and Donoghue Solicitors in particular, extends to more than just being honest, fair, and acting in our client’s best interests. It matters to our clients, regulators, and the wider community that we are seen doing this, even if they are not personally using us to claim compensation for their actions against the police, accident claims, or professional negligence claims.
Having your best interests at heart extends to online security and led to the new https system. In the course of the upgrade I learned a little about how the internet works, which I explain below.
What is the difference between http and https?
There are two main types of website addresses:
- those starting with http, and
- those starting with https.
HTTP means Hypertext Transfer Protocol. It is the standard way of communicating data over the internet.
Http addresses are vulnerable for two reasons:
- Normal website traffic (http) is unencrypted, which means that it can be read by others and potentially hacked.
- Http domain addresses are available at low-cost and with minimal checks so hackers anywhere in the world can use them to set up fake websites to “phish” for personal details, credit cards etc.
So internet users must be on their guard and make sure that they check before providing any personal information, click on links or downloads etc.
How https works
Https helps legitimate website owners and users fight back.
It means Hypertext Transfer Protocol Secure. It is the secure version of http.
The “s” in https is added when the http is layered over a Transport Layer Security (“TLS”) or Secure Sockets Layer (“SSL”) protocol. This is achieved by obtaining a security certificate from a trusted authority which verifies the owner of the website and server.
As part of the https protocol any communication between you and Donoghue Solicitors’ websites is encrypted. This prevents man-in-the-middle attacks, eavesdropping, tampering etc.
So you can be confident that you are communicating with our genuine websites, and that any information you give can’t be read by a hacker. This is especially important for our clients who complete the online enquiry forms. Providing your name, email address, and phone number is personal information which could be abused in the wrong hands. You can be sure when you provide us with information via our websites that it is securely encrypted and coming only to us.
Moving to https website addresses cost a little extra, and involved some work. But that was just the first, and easiest stage. To give you the ultimate in reassurance we went further and invested in an Extended Validation (“EV”) certificate for https://www.donoghue-solicitors.co.uk. This provides industry-leading 256 bit encryption keys so you have the highest level of confidence and protection.
The visual difference to you is that, as well as the https at the beginning of our website address, our firm name appears in the website address bar:
This is a quick way to know you’re on our official site.
We believe we’re the first firm of solicitors in the country to get an Extended Validation certificate for our website.
This is not surprising as it took a lot of time and work. We had to confirm to our EV certificate issuers in the USA:
- our legal existence, verified using government records
- physical existence, which had to be verified with others
- operational existence, which confirmed that we were in business
- domain name verification, checked independently, and
- authorisation from an officer of Donoghue Solicitors.
We also had to complete a long legal document, get together all the independent information, and I had to speak to a representative in their Chicago office to confirm these details.
As well as the set-up fee, there is an annual renewal charge for the EV certificate, but we think the extra money and work are worth it. You can trust the green bar on our site, browse our content, and give your details in confidence.
How do I know a website is secure?
If you already know a website is secure type in the full domain name, starting with “https://” (e.g. https://www.donoghue-solicitors.co.uk).
Alternatively, do a google search, or type the “www” address (e.g. www.donoghue-solicitors.co.uk) in the address bar in your internet browser.
When the website opens, look in the address bar at the top of the page. If you see a padlock and “https://” (which is in green if you’re using google chrome as your browser) you’re on a secure, trusted site. Websites like ours with Extended Validation also show green internet address bars and the name of the company. You can see this in the chrome, firefox, and safari browsers, among others.
For extra peace of mind, you can check the security certificate details by clicking on the padlock in chrome and firefox.
And as you already know, it is also important to make sure your web browser and security software are up to date and that you only click on links or download things from trusted browsers/ sources.
The internet can seem like the Wild West. By using secure (https) websites we hope to keep the hackers at bay and give you the confidence you need.
For help with your actions against the police, accident claims, or professional negligence claims contact Donoghue Solicitors using the simple online form on the website, or call us on 08000 124 246 or 0151 933 1474. We represent clients throughout England and Wales.