ASC-HS is upgrading projects’ TLS settings to use only version 1.2 by the end of 2020, which means more secure communication between the end customer and the project.

What exactly is TLS?

TLS is an Internet Engineering Task Force (IETF) standard aimed at preventing tampering, eavesdropping, and message forgery.

TLS stands for “Transport Layer Security.” It is the security protocol that allows computers to communicate over the internet securely, without the transmissions being vulnerable to anyone they aren’t intended for. Without TLS, you wouldn’t be able to use your credit card on eCommerce sites or log into your bank account online.

Why TLS 1.2?

Due to several weaknesses found in TLS 1.0, many websites and internet services already require the use of TLS 1.2. The latest PCI compliance standards require that any site accepting credit card payments use TLS 1.2 after June 30th, 2018. Services such as PayPal, Authorize.net, Stripe, UPS, FedEx, and many others already support TLS 1.2 and have indicated that they will eventually refuse TLS 1.0 connections.

TLS 1.0 and 1.1 have been (or are in the process of being) deprecated in one way or another by major browsers. This means that major web browsers are also planning on turning the screws to organizations in the latter half of 2020, warning that they’ll soon throw up browser warnings when a user visits a site that doesn’t support TLS 1.2.

With TLS 1.1 disabled, you will no longer be vulnerable to BEAST (Browser Exploit Against SSL/TLS) attacks. You will also have more secure cipher suites, which will reduce your dependency on RC4 (Rivest Cipher 4), a stream cipher known for its simplicity and speed. In addition, you will gain stronger ciphers that can prepare your website for new vulnerabilities identified in older ciphers or protocols. TLS 1.2 allows the use of more secure hash algorithms such as SHA-256, as well as advanced cipher suites that support elliptic curve cryptography.

What are the consequences if I don’t upgrade to TLS 1.2?

First and foremost, your customers’ data is at risk. In the event of a data breach, the consequences of not being compliant (with PCI, for example) can include fines, and your merchant bank can terminate your ability to process credit cards.

Second, crucial functions on your website will stop working over time as the services your website uses begin to require TLS 1.2. This means that your payment processing and real-time shipping rates could stop working at some point over the next year if you don’t address it.

Archibus and TLS 1.2

Because Archibus itself is a web-based product, no action is needed as long as you access it with an up-to-date browser.

If you are using the SmartClient or Outlook plugin, please check the release notes or the Archibus help documentation to see whether your specific version supports TLS 1.2. If it does not, an upgrade is in order.

Our aim is to offer a secure service for all our customers. If you feel that you need additional information, please reach out to us.

 Contact us at contact@asc-hs.com