Dozens of US government online whistleblower sites not secured by HTTPS

[Megan Eskey]

In addition to mandating the use of HTTPS encryption to protect interactions with government websites, we recommend that you also require agencies to use a similar encryption technology, STARTTLS, to protect data transmitted between email servers. This decade-old encryption standard is now widely used by the private sector, including by major technology and telecommunications companies such as Google, Comcast, Microsoft, Verizon and Yahoo. Although some federal agencies have configured their email servers to use STARTTLS, some have not, including the Federal Bureau of Investigation, the Federal Trade Commission, the Federal Communications Commission, NASA and the Department of Labor.  

Dozens of US government online whistleblower sites not secured by HTTPS http://t.co/IYD0dQJHt9 ‪#‎whistleblower‬ ‪#‎security‬ ‪#‎https