In order to eliminate any exposure to the POODLE vulnerability threat, which was discovered by Google researchers this past October, Global DMS will no longer support the Secure Socket Layer (SSL) 3.0 encryption on any of eTrac’s servers or network resources – effective immediately.
This vulnerability affects the SSL 3.0 encryption protocol, which may allow a man-in-the-middle attack to extract data from secure HTTP connections. Though it is somewhat difficult to exploit, we decided to disable the SSL 3.0 encryption to fully address the issue so our customers’ data remains secure.
What does this mean for Global DMS customers?
In order to access Global DMS’ applications and application program interfaces (API), customers will need to use the Transport Layer Security (TLS) 1.0 encryption or higher. This means that your internet browsers and web service API (inbound) integrations will need to support the TLS 1.0 encryption.
Fortunately, all the modern browsers that Global DMS currently supports generally have the TLS 1.0 encryption enabled by default, so most customers will not be impacted by this change. However, browsers such as Internet Explorer 6 or lower—which are not officially supported by Global DMS—will not have the TLS 1.0 encryption enabled by default and will require action. These older browsers are more than capable of handling the TLS 1.0 encryption, but it must be enabled manually by the user.
For more information, please contact Technical Support at 877-866-2747 x3.