Eyvo Security Upgrade to TLS 1.2
By | E-Procurement Software

Please note that effective Jan 1st 2021 Eyvo will no longer support TLS 1.0 or TLS 1.1 on any of our servers or external communications.

For an explanation of TLS please read this article

Please share this web page with your internal IT technical support teams to ensure they are aware of this change.

As a provider of cloud-based software, Eyvo adheres to security guidelines set forth by the National Institute of Standards and Technology (NIST). The NIST is charged with setting Internet security protocol for the U.S. government. As security upgrades are launched, they are adopted first by government institutions, with public companies following suit.

According to the NIST, the level of data encryption provided by Secure Socket Layer (SSL) technology is no longer adequate. In 2015, the NIST mandated that government agencies upgrade to a new Transport Layer Security (TLS) protocol, TLS 1.2, which addresses loopholes present in SSL and TLS 1.0 and 1.1.

What to do

You will need to ensure the Internet browsers used to connect to the Eyvo system are capable of accepting the new certificates and communicating with the TLS 1.2 protocol.

To ensure the highest level of security, we support the following browsers, compatible with TLS 1.2:
Compatible Browsers
Internet Browser Version
Google Chrome™ Current & future versionsverify version
Mozilla Firefox® Current & future versionsverify version
Microsoft Internet Explorer® Current & future versionsverify version
Microsoft Edge® Current & future versionsverify version
Apple Safari® Current & future versionsverify version

It is difficult to develop software so that all features work identically, efficiently, and effectively on all web browsers. Eyvo follows industry best practices in building our software to render best on the most current browser editions available. Older browsers should not be used to access our services, we no longer design or test new features on the older browsers or modify our software to support them. Should you experience an issue with how our software functions on an older browser, our Support team will recommend you upgrade in order to take advantage of faster, more secure, fully-supported applications from the browser manufacturers.

Test your browser

Here is a test page that will tell you if your browser is compatible with our site.

The good news

If your browser is one of those that hasn’t yet been updated, you’ve got a few options:

1) Check your browser’s “About” tab to locate your version information and download any pending updates. You should be good to go once that’s done. For example, if you use Internet Explorer, you’ll go to Tools, and select About Internet Explorer.

about_ie_tools
A window will appear, showing which version you have installed.
ie_version_number
In fact – if you are using IE11 or older now is a good time to upgrade becuse Microsoft has announced that IE11 will not be supported past August 2021.

2) If your browser is up to date, but you’re still seeing the error message, that means your particular browser has not yet implemented the new security protocol. To get to websites like ours that use the new protocol, you’ll want to switch to a browser that’s been updated to TLS 1.2, such as Google Chrome™, Mozilla Firefox® 39.0, Internet Explorer 11, Edge, or Apple Safari® 8 for Mac (Apple OS X 10.10).

Further Reading

The original announcement from the NIST: http://csrc.nist.gov/publications/nistbul/itlbul2014_04.pdf

Tripwire article about the NIST announcement:

A quick “how-to” on disabling SSL 3.0 and TLS 1.0 in IE, Firefox, and Chrome: https://info.ssl.com/howto-turn-off-ssl-3-0-and-tls-1-0-in-your-browser/

NIST SHA2 Recommendations: http://csrc.nist.gov/publications/nistpubs/800-78-3/sp800-78-3.pdf http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-Part1-revised2_Mar08-2007.pdf

Roger A. Grimes, “All you need to know about the move to SHA-2 encryption.” InfoWorld, Feb 3, 2015.

call
Talk To An Expert

USA +1 888 237 9801
UK +44 (0)560 307 4470