The Office of the Chief Technology Officer (OCTO) has completed conversion of all the city’s 120 websites from HTTP to HTTPS, an encrypted connection from the request and sender end points.
Under the leadership of CTO Vemulapalli, OCTO moved to incorporate the HTTPS migration during a preplanned Drupal cloud migration. Time, resources, and taxpayer dollars were saved by completing both migrations at once.
HTTPS provides a secured connection with a certified security certificate. The traditional connection method, HTTP, had no authenticity and the presented data could be compromised by hackers through unsecured entries.
Kiran Jala, OCTO Web Team’s Technical Architect who oversaw the HTTPS migration project, says the migration’s significance positively impacted the District. “Residents now know that the sites are secure. They can feel secure and browse confidently on the DC government websites,” said Kiran Jala.
Previously, HTTPS had not earned industry significance; this was especially true for content-based sites, that delivered Static and brochureware content. While DC Government reported no previous website content manipulation, a growing number of security threats and the necessity of proving authenticity of the content has moved HTTPS migration to the forefront.
DC federal government neighbors had shifted to HTTPS and put additional pressure on the District to make the switch sooner rather than later. In turn, Washington, DC has now migrated before many major cities.
OCTO’s 10-person Web Team utilized its expertise throughout the migration testing and audit phases. They were required to test each page for proper functionality and the absence of malformed content. OCTO’s Security Team also provided the requisite security certificates and participated in conversations to execute the massive switch.
This effort further supports Mayor Muriel Bowser’s transparency initiative.