What the Deprecation of TLS 1.0 Dependencies Means for You
With the deprecation of Transport Layer Security (TLS) 1.0 happening next June, there will be some significant changes that could be taking place in your organization. The time to make sure you’re ready for them is now.
In this blog, we’d like to explore what changes are taking place and what you need to do to get yourself ready for them. Read along to learn more about what the deprecation of TLS 1.0 means for you.
Deprecation of TLS 1.0 – What Is It?
Transport Layer Security (TLS) is a cryptographic protocol that helps provide secure communication over a network. These TLS dependencies have been built into several of Microsoft’s Cloud services to assist with encryption and security for end-users.
For several months now, Microsoft has been announcing that they are updating their security standards and security requirements for Office 365 customers to be able to connect to, use, and consume their Cloud services. Microsoft is now requiring that the encryption standards that your computers, servers, and devices that use an Office 365 subscription has TLS 1.2, which is today’s “Gold standard” of encryption.
Why is the Deprecation of TLS 1.0 Taking Place?
Although the older TLS 1.0 and 1.1. dependencies are still uncompromised, they are around 15-20 years old (depending on the instance of the protocol). Microsoft doesn’t want to put their clients’ or customers’ data at risk, should someone find a way to circumvent the security on the older standards. So, they’ve decided to move to TLS 1.2, which has no known deficiencies, and turn off the older dependencies, like TLS 1.0 and 1.1 that someone may, eventually, compromise.
When is the Deprecation of TLS 1.0 Happening?
Microsoft plans to discontinue support for TLS version 1.0 and 1.1 in Office 365 as of June 2020.
What will be Affected by the Deprecation of TLS 1.0?
The main concern here is for companies that aren’t investing in their IT infrastructure. The deprecation of TLS 1.0 and 1.1 will affect older IT assets, like aging laptops or desktop computers, any older copiers that are sending scan to email, etc. These assets aren’t often updated, nor are they a part of a supported maintenance contract, so the chances of them working after June of 2020 are slim.
Older business applications are also at risk of not functioning correctly. If you’re using an older database software that has some type of functionality to email and AP invoices, you might want to determine a strategy to keep it functional after the cut-off date. There are strategies you can do, but it’s best to consider these now.
What do You Need to Do to Prepare for the Deprecation of TLS 1.0?
Our first recommendation is that you should look at updating your old computers. If you are running Windows 7, for example, there are still some challenges with that particular operating system (namely, that it, too, is reaching End of Support), so it’s really a good time to move into Windows 10. The good news is, most people are finding the transition from Windows 7 to Windows 10 to be pretty smooth sailing – a bit of user training, and off you go.
You also need to review any older assets and determine what will need to be done in order to keep them functional. If you have some of those old assets that really can’t change, or that your business depends on to function, there may be adapters or some type of relay service that meets today’s modern security standards that you can deploy. Older versions of Lotus Notes and GroupWise, and some of those older messaging systems – these are all things that will no longer work.
The other recommendation that we have is to update your business applications, or any internet-facing services. And this is something that should definitely be considered sooner, rather than later. You shouldn’t have internet-facing services, (or, for that matter, any business-to-business websites that collects client data, or any sites that are used for any type of money or credit card transactions) using these older security protocols. So, there’s a real opportunity here, to assess your business and see whether it’s keeping up with today’s standards.
PCI Compliance and the Deprecation of TLS 1.0
Good news! If your business is required to be PCI-compliant, you’ve probably already gone through a deprecation of TLS 1.0, and you’re probably already using TLS 1.2. This is because, as part of the compliance requirements, you are already required to use TLS 1.2 (while leaving TLS 1.1 as an “available” option).
It would still be a good idea to check to make sure you’re on TLS 1.2, but chances are, you’ve already done the necessary work in order to keep your compliance up to date.
How ProServeIT Can Help with the Deprecation of TLS 1.0
ProServeIT wants to help you understand where you may be affected by this upcoming deprecation of TLS 1.0, so we’ve put together a TLS Dependency Assessment; a multi-day assessment designed to help you to identify any software or hardware that you may have in place that runs TLS 1.0 or 1.1 so that you’ll know what exactly this upcoming change will affect in your IT environment.
During this assessment, our experts will conduct interviews and send out questionnaires that help us to better understand your business. Then, we’ll send out collectors that will take an inventory of your IT assets, so we can get a better understanding of whether or not there are any dependencies in your environment that may currently be running TLS 1.0 or 1.1. If we discover any TLS 1.0 dependencies, we’ll provide you with a roadmap to remediate, so that your services won’t be interrupted when the June 2020 deadline passes.
Ready to get started with your own TLS Dependency Assessment? Email us and let’s begin!