One in three websites from public organisations are still not secure. Sensitive data such as social security numbers, or even medical and psychological complaints can become public and misused. Those are the results of research done by Open State Foundation.
Open State Foundation has be researching the websites of public institutions since 2016 with Pulse, a tool which checks whether websites support HTTPS (https://). HTTPS is important because it ensures a secure connection. When using HTTP (without the s) people with ill intentions can read the data and misuse it. From 2019 onwards it is mandatory for Dutch government websites to use HTTPS. Find the list with websites via Pulse.
New Pulse Scan
Open State Foundation researched over 30.000 domains in relevant sectors healthcare, education and government. We do so by evaluating the response of four ‘endpoints’ in each domain: http://, http://www, https://, and https://www. The data from these endpoints is used to determine the behaviour of the domain. This analysis makes use of open source tools and the SSL Labs API.
Practically the results of the scan (in comparison to the previous scan) are:
Domain | Current HTTPS Support | Previous scan | HTTPS Support previous scan |
Healthcare | 70% | 07-08-2017 | 39% |
Education | 70% | 01-12-2017 | 32% |
Government | 88% | 24-12-2017 | 72% |
Want to know more about Pulse? Have a look at: pulse.openstate.eu. You can see and use the full data from all scans at data.openstate.eu. You can also contact Open State Foundation through this (secure) contact form.