To comply with sector-leading security practices, we are upgrading the protocol used in our endpoints to Transport Layer Security (TLS) 1.2. Industry standards bodies, such as the Payment Card Industry (PCI) council, recommend that TLS 1.2 be used for secure communications.
What actions do you need to take?
Please ensure you are using TLS 1.2 or above by the planned upgrade date. For the large majority of our customers no action will be required.
What is Transport Layer Security (TLS)?
Transport Layer Security (TLS) is a protocol that encrypts the connection between communicating applications over the internet. When a server and a client communicate, TLS ensures that no third party can intercept the communication and steal the data passed between them.
For example, it is TLS that secures the connection between your computer and a website order form when you make an online purchase. Similarly, it is TLS that secures the connection between our client on a managed device and the Endpoint Manager server.
Why is this upgrade needed?
Because earlier versions of TLS contain security vulnerabilities for which there are no known fixes. The widespread POODLE and BEAST exploits are a couple of examples of how attackers have taken advantage of weaknesses in SSL and early TLS. While both exploits are more theoretical than practical for an attacker, and Coralogix systems have always had multiple layers of security in place to prevent these attacks anyway, we are still implementing the upgrade as best practice.
If you have any questions or need assistance during this upgrade, please feel free to reach out to Coralogix support.
Sep 12, 2023 - 14:39 UTC