ICOTS Security Update 8/22/18 - Web Browsers Need TLS 1.1+ Support

Please see the notice below from Appriss regarding security standards for accessing ICOTS goes into production on Wednesday, August 22, 2018. This may affect some of your web browsers with TLS 1.0 or lower. Included in the notice are links to manually update your web browser to the newest version (Google Chrome, Internet Explorer, Firefox, and Safari).

Most current web browsers have support for the TLS 1.1 protocol enabled by default, so it shouldn’t automatically shut down access for users unless they’re using Internet Explorer 10 or earlier or an older version of Firefox or Google Chrome that came out before 2014. Chrome and Firefox typically offer automatic updates and should be up to date unless your IT department disabled that feature. Internet Explorer 11 or later should be fine as TLS 1.1 is enabled by default.

If you have questions about what steps to take, please reach out to the ICOTS contact in your state, or your local IT department.

From Appriss:

Appriss is requiring an upgrade to TLS 1.1 or higher beginning August 22, 2018, in order to align with industry best practices for security and data integrity.

Action may be required prior to this date to prevent website disruption.

What is TLS?

TLS (or “Transport Layer Security”) is a protocol that provides privacy and data integrity between two communicating applications. The most widely deployed security protocol today, TLS is used for web browsers and other applications that require data to be securely exchanged over a network. TLS is a key component of Appriss’ security plan−ensuring that a connection to a remote endpoint is the intended endpoint through encryption and endpoint identity verification. The versions of TLS, to date, are TLS 1.0, 1.1 and 1.2 (current version).

What is happening?

Appriss will no longer support TLS 1.0 in order to align with industry best practices for security and data integrity.  Appriss will only support TLS 1.1 or higher.

Why are we making this change?

At Appriss, data security is top priority. We are committed to supporting the highest security standards in order to continuously promote data safety and security. Requiring TLS 1.1 (or higher) encryption protocol is in line with this commitment.

How might you be impacted?

For continued access to Appriss product websites/services, please ensure your browser(s) have TLS 1.1 and/or TLS 1.2 enabled. Once Appriss discontinues support for TLS 1.0, you will only be able to access Appriss product websites/services if your browser or integration has TLS 1.1, or higher, enabled.

What action is required?

Quite possibly, none. TLS 1.0 support has been significantly waning industry-wide over the last several years. Click here to see if your browser requires an update.

If you do need to update your browser, there are different ways to do so depending on the one you use. Most browsers will prompt you automatically if there is an update available, and will guide you through the steps of that update. If you need to manually update your browser, instructions for the more popular browsers are linked below.

Google Chrome     Internet Explorer      Firefox      Safari

Additionally, there may be situations where your browser supports TLS 1.1/TLS 1.2, but it has not been enabled. Click here for instructions on enabling TLS 1.1 and TLS 1.2 on various browsers.

When is this happening?

As of August 22, 2018, Appriss will only support TLS 1.1 or higher. 

Was this article helpful?
0 out of 0 found this helpful



Article is closed for comments.

Articles in this section

See more
Need Assistance with ICOTS or report a data error?
Contact your state's ICOTS administrator
What should we say here or link to?
Details to come