3 in 10 group websites skip OMB deadline to quit to HTTPS

Digital Gov

3 in 10 group websites skip OMB deadline to quit to HTTPS

Shutterstock image. 

The White House-imposed deadline for sovereign agencies to transition their websites to a HTTPS communications custom upheld on New Year’s Eve, though some agencies’ conversions sojourn a work in progress.

The HTTPS protocol, nonetheless it has limitations, provides a some-more secure tie by substantiating an encrypted tie that protects many information exchanged between a website and a user.

In Jun 2015, a Office of Management and Budget chit mandated a government-wide emigration from a unencrypted HTTP to HTTPS for “all publicly permitted sovereign websites and web services,” including APIs, by Dec. 31, 2016.

The memo also enclosed a call to prioritize sovereign domains that engage an sell of supportive or privately identifiable information or that accept a estimable traffic.

The OMB mandate’s settled idea was to boost a group adoption of a stronger remoteness customary for website confidence in sequence to compare that of a blurb sector, and to yield a picturesque timeline for migration.

A General Services Administration orator told FCW that given a OMB process was issued, “HTTPS support among executive bend .gov domains has stretched greatly,” and combined that “web trade information from analytics.usa.gov suggests that HTTPS is now used for many executive bend .gov web requests.”

Most does not meant all. While many agencies have indeed changed to HTTPS, 31 percent of a approximately 1,200 .gov domains monitored by a Pulse dashboard have not finished these conversions.


Pulse was collaboratively built by GSA’s 18F and Office of Government-wide Policy to magnitude swell opposite all branches of government.

Of a domains tested, 250 perceived an A+ class from a Qualys SSL Labs encrypted network communication evaluation, a top measure possible. Many smaller agencies, however, have not nonetheless switched any domains. And a U.S. Postal Service reports HTTPS on only one of 6 monitored domains, while a Department of Veterans Affairs has changed one of three.

“There is some-more work to be finished in 2017, and agencies should continue shutting gaps and preloading as many of their domains as possible,” a orator said.

To assistance transitioning agencies, GSA also launched a assistance site that provides technical recommendation and assistance, and “works directly with sovereign staff who are operative by emigration issues,” a orator added.

GSA declined to criticism on a emigration standing of a agencies who unsuccessful to accommodate a deadline.

About a Author

Chase Gunter is a staff author covering municipal agencies, workforce issues, health IT, open information and innovation.

Prior to fasten FCW, Gunter reported for a C-Ville Weekly in Charlottesville, Va., and served as a college sports kick author for a South Boston (Va.) News and Record. He started during FCW as an editorial associate before fasten a group full-time as a reporter.

Gunter is a connoisseur of a University of Virginia, where his emphases were English, story and media studies.

Click here for prior articles by Gunter, or bond with him on Twitter: @WChaseGunter