Still Using SSL or Early TLS? It’s Time To Upgrade!MiCamp Solutions
June 30, 2018 is the deadline to disable Secure Sockets Layer (SSL)/early Transport Layer Security (TLS). To remain PCI DSS compliant, merchants must be using TLS v. 1.1 or later.
Continued use of SSL and early TLS will put your business at risk of being breached. “There are no fixes or patches that can adequately repair SSL or early TLS. Therefore, it is critically important that organizations upgrade to a secure alternative as soon as possible, and disable any fallback to both SSL and early TLS.”
The PCI recommends the following steps:
- Migrate to a minimum of TLS 1.1, preferably TLS 1.2.
- Patch TLS software against implementation vulnerabilities.
- Configure TLS securely.
- Use PCI SSC resources.
If you would like more information or have questions about PCI compliance, please call us today at 800.396.0246 or email firstname.lastname@example.org.