Calabrio ONE Cloud Product & Service Notification TLS 1.2
Calabrio ONE requires an upgrade to TLS 1.2 or higher by July 1, 2017.
Calabrio ONE requires an upgrade to TLS 1.2 or higher by July 1, 2017. On that date, Calabrio will disable all TLS 1.0 & 1.1 connectivity.
To ensure your users and clients will be able to connect to Calabrio ONE after the disablement change on July 1, please ensure you upgrade to TLS 1.2 or later before June 31, 2017. If you feel that this notification is not intended for you as a user, please engage your Calabrio ONE tenant administrator or IT administrator.
When will this change take place?
On July 1, 2017, all connections to 1.0 or 1.1 will cease to function on Internet Explorer 7.0, 9.0 and 10.0.
Why is Calabrio ONE making this change?
Calabrio is continually working with Calabrio ONE customers to ensure overall security is up-to-date with the most recent security protocols. On July 1, 2017, Calabrio ONE will require TLS 1.2 and later encryption protocols to ensure the highest security standards. TLS 1.2 provides a more robust and secure environment and is a milestone of PCI compliance.
Transport Layer Security (TLS) Overview:
The Transport Layer Security (TLS) Handshake Protocol is responsible for the authentication and key exchange necessary to establish or resume secure sessions. A man-in-the-middle vulnerability has been discovered in TLS 1.0 & TLS 1.1. This vulnerability could allow an attacker to conduct man-in-the-middle attacks or decrypt communications between the affected service and the client.
Concern: This protocol is prone to this vulnerability because of a design error, allowing an attacker to conduct man-in-the-middle attacks or decrypt communications between the affected service and the client.
Solution: It is recommended that users disable TLS 1.0 and 1.1 and upgrade to the latest version of TLS. This vulnerability has been fixed in TLS 1.2 SSL.
Early TLS cannot be used as security controls to protect payment data after June 30, 2018.
Prior to this date, existing implementations that use SSL and/or early TLS must have a formal risk mitigation and migration plan in place. Guidance on interim risk mitigation approaches, migration recommendations and alternative options for strong cryptographic protocols is outlined in the PCI SSC Information Supplement: Migrating from SSL and Early TLS.
What is the impact of TLS 1.0 & 1.1 disablement?
The impact of the TLS 1.0 & 1.1 disablement will vary by Customer and Tenant and depends on the ways in which your users connect to and use the Calabrio ONE Cloud service.
Key areas of impact include:
- Calabrio ONE User Browser Access
Browser incompatibility will prevent your users from accessing your Calabrio ONE Cloud tenant, Administration and Calabrio ONE applications. This will affect:- Calabrio ONE Administrators: Tenant and Application Administrators
- Workforce Management Users: Agents and Supervisors
- Quality Management Users: Agents, Evaluators, Supervisors or Managers
- Analytics Users: Analysts, Supervisors, Managers
- Calabrio ONE Reporting
Users will not be able to connect to or run any Calabrio ONE Reports unless their browser or browser settings are updated per compatibility guidelines. - Partner API integrations
These integrations will cease to work if they are not compatible with TLS 1.1 or later. This includes .NET-based integrations that send requests to Calabrio ONE and are not enabled with TLS 1.1 and/or TLS 1.2.
Calabrio ONE Customer and Partner Portals are NOT affected with this change:
- Calabrio ONE Users and Customers will still have access to the Calabrio ONE Customer and Partner portals (portal.calabrio.com) for case submission, product forums and access to documentation and training material.
What action do I need to take?
- Review the browsers your users and clients use to connect to Calabrio ONE Cloud and ensure those connections are ready to support TLS 1.2 and later well before July 1, 2017. This update affects users and clients who use IE 7.0, 9.0 or 10.0.
- Start planning and testing as soon as possible to ensure a successful transition to supporting the latest TLS version prior to our disablement of TLS 1.0 & 1.1. Check out the Identifying and Enabling TLS 1.2 Reference (PDF) for your browser clients.
How can I get more information?
- Review the Calabrio ONE TLS 1.2 Enablement Product Community Forum located on the Calabrio ONE customer and partner portals: portal.calabrio.com
- Customers and users can open a proactive TLS readiness case by contacting Calabrio Support Services at 1 (800) 303-1248; +1 (763) 592-4680 (Int’l) or by emailing Calabrio Support.
- For additional questions, open a case with Calabrio Support Services via the Calabrio ONE customer and partner portal – portal.calabrio.com