Articles by Upendo Ventures

We "Upendo" to Write for You!

Our team loves to share our thoughts, research, experiences here in our blog. Please enjoy our articles and leave a comment to let us know what you think.

What You Need to Know About the TLS 1.2 Update

Upendo Ventures on Security

There has been a lot of talk in recent weeks about TLS compliance requirements.  There’s good reason for this, because notable vendors that are known for being on the forefront of security such as Authorize.net, PayPal, and UPS began notifying their partners and vendors about two years ago.  Everyone else began receiving similar notifications about a year ago.  What does this all mean though?

What is TLS Anyway?

TLS is an acronym for “transport layer security,” which is a fancy name for a security protocol that protects the information sent between web browsers and web servers.  For example, every time a webpage loads or you submit an order in an online store, TLS is what ensures that your private and financial information is secure – in both directions.

TLS Deadlines

The motivator behind these deadlines is the official security standards council, PCI DSS, raising the standards for all secured websites.  They have mandated that all website owners upgrade their minimum security standard from TLS 1.0 and earlier security protocols to at least TLS 1.1 by June 30, 2018.  Under the covers, there are several new and depreciated features between various security protocols, including the cryptography.

However, many of the world’s leading website owners had their own deadline, which was February 28, 2018.  Obviously, that date has already passed, so many website owners are on the scramble now for their payments and shipping integrations to work again.

Customers

If you’re simply a person who uses the internet to browse content and purchase things online, compliance is easy for you.  Simply ensure that you upgrade your web browser to the latest version.  Ideally, you should be using one of the prominent three browsers, Google Chrome, Mozilla Firefox, or Microsoft Edge.  Xero published a great blog that outlines the security protocol support for these web browsers.

Online Store Owners/Administrators

If you’re running an online store using a cloud platform provider such as Shopify or BigCommerce, you don’t really need to do anything.  Cloud e-commerce providers like these are all on top of this already.  If you’re hosting your own online store, chances are that you may need to upgrade your e-commerce software.  For example, at Hotcakes Commerce, we knew about this upgrade two years ago and found it necessary to apply a code update to be fully compliant with the TLS requirements.  If you’re running Hotcakes Commerce, you simply need to upgrade to version 01.10.04 or newer.  (It would be best to upgrade to the most recent version of Hotcakes, which is 03.01.00 at this time.)

Server Administrators

Again, if you’re running your online store using a cloud platform, you don’t need to worry about this.  However, those of you that are responsible for web servers need to ensure that earlier security protocols are disabled and you should probably only allow at least TLS 1.1.  Microsoft published a useful article about enabling TLS 1.1 and 1.2 as defaults, and in some instances, it requires ensuring that you’re current on your Windows Updates.  (This is something you should be doing anyway though.)

Summary

If you need assistance with any of this, please feel free to let us know.  We’d be happy to help!

Contact Us
Let's Chat!

We'd love to work with you. Let's talk about how.

Contact Us


About the Author

Will StrohlFounder & CEO
Upendo Ventures
Overall, Will has nearly 20 years of experience helping website owners become more successful in all areas, including mentoring, website development, marketing, strategy, e-commerce, and more.

blog comments powered by Disqus

Newsletter

Loading

About Our Company

We are a values-based company who provides technical and leadership services in a wide variety of areas. Contact us to learn how we can help you.

Get In Touch

  • Email: [email protected]

  • Phone: (650) 381-9160

  • Address: 548 Market St. #65401
    San Francisco, CA 94104