If your browser or integration does not have TLS 1.1 or higher enabled after we disable TLS 1.0, then you and YOUR USERS will NOT be able to access Yardstick Software’s services.
As an admin of a Yardstick Software account that may use the TLS 1.0 encryption protocol, we want to inform you of a change regarding supported encryption protocols. Starting in November of 2015, Yardstick will begin disabling the TLS 1.0 encryption protocol. This action will prevent TLS 1.0 from being used to access Yardstick software services via inbound and outbound connections.
Why is this happening?
At Yardstick, security is our #1 concern, and we take the protection of our customers' data very seriously. To maintain the highest security standards and promote the safety of your data, we occasionally need to make security improvements and retire older encryption protocols. To maintain alignment with these best practices and updated compliance requirements from the PCI Security Standards Council, Yardstick will disable the use of TLS 1.0 for connections to and from our software services.
How do we know if we are ready for this change?
After Yardstick disables TLS 1.0, any inbound connections to or outbound connections from our software services will need to use the TLS 1.1 or TLS 1.2 encryption protocol. This change also impacts access to web services and SSO integrations.
Two different channels require encryption to access Yardstick software services: internet browser and API (inbound) integrations. An overview of each follows:
1.Internet browsers: You and your users should not experience an impact accessing Yardstick software in your browser(s) unless you are using a non-supported browser or you have disabled (or not enabled) the supported encryption protocols in the browser. To quickly test your browser compatibility, you can visit our test site, which has TLS 1.0 disabled. If you are able to view the site without errors, access to Yardstick software via your browser should not be impacted by this change. If you experience errors, please try the following settings changes first. If this does not work, please verify you are using a compatible browser as shown below.
To Enable TLS 1.1 and 1.2 on Internet Explorer:
- On the Internet Explorer main menu, select Tools > Internet Options.
- In the Internet Options box, select the Advanced tab.
- In the Security category, check Use TLS 1.1, and Use TLS 1.2 (if available).
- Click OK
- Exit and restart Internet Explorer.
In the above chart, browsers labeled in red will not work. Browsers labeled in green should work without issue, and browsers labeled in yellow are known to require the above security settings to be manually enabled.
2. API (inbound) integrations: API Integrations are interfaces or applications that are separate from Yardstick, but use Yardstick data. If you have any API Integrations, please ensure that TLS 1.1 and/or TLS 1.2 are enabled in those integrations. Please note that Windows Server 2003, Windows Server 2008 are no longer supported, as they do not support TLS 1.1 and TLS 1.2. Windows Server 2008R2 and above will work without issue.
What action do I need to take?
In order to maintain access to your Yardstick Software services, you need to ensure your browsers and integrations that use inbound connections to or outbound connections from Yardstick have TLS 1.1 and/or TLS 1.2 enabled. If your browser or integration does not have TLS 1.1 or higher enabled after we make this change, then your users will NOT be able to access our services. We recommend that you begin planning to support TLS 1.1 and TLS 1.2 as soon as possible.
Browse to this site to test if their browsers support TLS 1.1 or 1.2:
In addition, we highly recommend that this information and test URL be communicated to your users as well so that they can ensure continued access to your site/Yardstick services.
What should we expect?
Yardstick plans to disable TLS 1.0 at the end of November 2015 to ensure that we continue to be fully PCI compliant.
For users (including your end-users) who are running a compatible browser (listed in green), no changes should be required and service should continue to function. For users (including your end-users) who are using an unsupported browser (listed in yellow or red), they will be unable to access the site and the services (including login screens, exams and programs, and certificates). When users encounter this, they should:
- Upgrade to a supported browser (highlighted in green)
- Increase the internet security settings within the browser
This should resume access to the site.
Please note: for users using unsupported browsers, it may appear that the website is down (the error message may say “Cannot display the website” or “Webpage cannot be found”). Your website is still fully functioning and these messages are a result of trying to access with a browser that no longer meets the required security protocols.