Amazon Web Services Updating Security Requirements That Could Affect You
Amazon Web Services (AWS) is how ServiceTrade’s SaaS applications are delivered in the cloud. Occasionally, AWS makes changes to ensure the security of its infrastructure and services and the security of users’ devices and applications that connect to the AWS Cloud.
On June 28, 2023, AWS is requiring that all devices or applications use transport layer security (TLS) version 1.2 or greater to use SaaS applications hosted in AWS, including ServiceTrade. Read Amazon’s announcement here.
ServiceTrade uses newer TLS in its applications, however, we can see that some users connect to our services using these obsolete versions of TLS. Those connections will no longer work after June 28th.
TLS is a cryptographic protocol that secures internet communications between our users’ devices and applications and AWS’s systems. The versions being retired, TLS 1.0 and 1.1 are really old as internet technology goes, with the newer of the two, TLS 1.1, being published in 2006 and deprecated in 2021.
Does it affect me? Probably not.
Most ServiceTrade customers and their integrated applications are already using TLS 1.2 or greater and will not be affected.
But it might!
We have identified a few companies that could be impacted, and our customer success team will be reaching out to you individually to ensure a smooth transition to TLS 1.2+.
For those of you who do have devices or integrated applications that rely on TLS 1.0 or 1.1, you must update them by June 28th if you expect them to continue to work.
What should I do if I think I’m impacted?
First, check our list of supported devices and system requirements. If you have any devices or browsers older than those listed, please take steps to update them, replace them, or prepare for them to stop accessing ServiceTrade on June 28th.
Our research has shown that many ServiceTrade users who are using obsolete TLS are also using outdated operating systems (like Windows 8) and browsers (like outdated versions of Chrome.) Support will reach out to everyone we suspect is using TLS 1.0 and 1.1.
If you don’t hear from us, it’s likely (though not guaranteed) that you’ll be unaffected by this change. If you have any doubts about older devices or integrated applications in use, reach out to firstname.lastname@example.org and we’ll confirm if any action is needed and help you through next steps.