SSL and Early TLS No Longer PCI Compliant
As you may be aware, new PCI requirements state that all payment systems must disable early TLS by 2018. Most major industries have already implemented TLS 1.2 and plan on deprecating support for SSL and early TLS long before the PCI SSC mandated deadline. This means that you need to be sure that your own applications have disabled SSL and early TLS, are up-to-date, and support newer versions of TLS.
ArcESB Support for TLS 1.2
ArcESB is at the forefront of security requirements, often implementing new standards ahead of industry-mandated deadlines. ArcESB 2017 already supports connecting over TLS 1.2 and you can enable the TLS 1.2 protocol for each connector using the point-and-click interface.
For details about configuring TLS read the latest knowledge base article:
- ArcESB TLS Configuration (article)
Additional Resources
At ArcESB we want you to understand that when you purchase our product, you are securing a lot more than just your EDI/managed file transfer solution. You are securing the ability to solve a problem at the present, together with assurance that our technology will be supported and maintained in the future. By updating to and maintaining the latest version of ArcESB, you can rest assured that your communications are being secured using the latest security standards.
If you have specific security concerns, please reach out to our support team and a member of our team can assist you in making sure that your applications are using the best security technologies for your needs.
More information about the PCI SSC announcement can be found on the PCI Security Standards blog: https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls