In June next year Microsoft will be deprecating older versions of TLS (transport layer security – this is, put simply, what makes up “HTTPS”).
If you are still using versions 1.0 and 1.1, you will no longer be able to connect – most notably Internet Explorer 10 on Windows 7. There is a way to check compliance in the Microsoft Security Centre, but it only caters for email users.
How do you find out which version you are on?
Unfortunately, there’s no easy way to do this – Exchange Admin Centre will tell you whether you have any non-TLS 1.2 connections, but only for users that have accessed email services. There’s also a list of web browsers e.g. Firefox 4 that definitely cannot use TLS 1.2, so it’s worth checking if anybody is using that web browser in your company.
If you don’t take action, what will happen?
If you don’t upgrade to TLS 1.2 then you won’t be able to access the Microsoft services (the server will actively refuse the insecure connection).
Why is it being deprecated?
The simple answer is that Microsoft want to offer ‘best in class security’.
TLS (and its predecessor SSL) are a collection of encryption algorithms; over time, these algorithms are ‘busted’ so become insecure; TLS 1.2 is the latest version and therefore contains less (or possibly no) busted algorithms.
What are the benefits?
Improved overall security.
What action is required now?
You need to ensure your clients support TLS 1.2 to minimise disruption. If you’re unsure about what to do, or how your company will be affected, please get in touch.