Outdated SSL/TLS? Threatview has come back saying:
‘The Transport Layer Security (TLS) algorithm TLSv1.0 is deprecated and its use is strongly discouraged. This finding may also negatively impact your Payment Card Industry (PCI) compliance status.’
I definitely don’t want to lose my PCI compliance status! I get confused as to what SSL/TLS – how do I update it to a current version?
So, simplified SSL = Secure Sockets Layer, TLS = Transport Layer Security
It’s a protocol that secures an internet connection by encrypting data sent between two computer systems (this can be websites, browsers, servers). It can help prevent black hats from stealing or even seeing any personal or even financial data.
If you’re running SSL or even older versions of TLS then you really need to update these, SSL was deprecated in 2015 so you need to be using the latest version of TLS.
You’ll need to get a new certificate for version 1.3, Digicert is a great resource for TLS certificates.
Thanks for explaining, I will have a look on digicert, I will also contact my developers to see if this is something they are meant to be sorting or if it’s on me!