Indigo upgraded and supporting TLS 1.2
February 24, 2020
by John van Vliet - Documentation Specialist
We know how important it is to keep your data safe. Technology advances quickly, and so does the need for advanced security protocols. It is up to service providers to ensure the best in security and privacy to their clients.
We take pride and care to keep all sensitive data transmitted through our Indigo Suite products secure and private. That is why on March 4, 2020, Indigo will no longer support TLS 1.0 and 1.1 and will instead only use TLS 1.2 or higher.
The change in these security protocols means you need to ensure that your web browser and external applications all use TLS 1.2.
If you are an Indigo administrator or one who consumes our APIs, please take a moment to read more about this security protocol, how it protects you and your company’s data or API integrations, and what you need to do.
What is TLS?
Transport Layer Security (TLS) is a security protocol that allows computers to communicate with each other and other devices securely over the Internet. TLS protects all transmissions, such as e-mails and files through a combination of symmetric and asymmetric cryptography, and it verifies that any software in use has come from the certified software publisher.
On 4 March, 2020, all apps and custom integrations working with Indigo will need to use TLS version 1.2 or higher. Major web browsers will soon end support for TLS 1.0 and 1.1 as these deprecated versions will have vulnerabilities and can leave your data at risk.
Version 1.2 and TLS 1.3 are the latest, securest, and fastest versions of this security protocol. Indigo, when launched, had supported TLS 1.0 and 1.1 for backward compatibility.
How does TLS affect Indigo?
TLS 1.2 and 1.3 helps to secure your data in Indigo, including your payslips and FSS files, your employee data, messages, and more as it is moved between your computer and our database servers, and vice-versa. TLS helps to maintain the integrity and the authenticity of your data.
It also secures custom integrations and communications with other applications. Developers who work with our APIs should read our help article detailing what you should do in regards to libraries and integrations.
What do I need to do?
Our Indigo security and IT teams have already enhanced indigo.shireburn.com with TLS 1.2 compatibility. The first thing you need to do as an Indigo administrator is to ensure that you have the latest version of Google Chrome or Safari before March 2020.
You can check your browser’s TLS compatibility by clicking this link. Be sure to advise your employees that they have the latest version of Chrome or Safari.
The second thing is to make sure that all apps and services which integrate or work with Indigo are using TLS 1.2 or higher. If these apps use modern programming languages, it is likely that they are already compatible with TLS 1.2 or 1.3.
How can I update my web browser?
To update your Google Chrome browser (the browser we recommend for Indigo users to use):
- Open Google Chrome and go to Settings.
- Click on About Chrome in the left sidebar.
- Click on Update Google Chrome.
- Click Relaunch.
Your browser is up to date if you do not see the Update Google Chrome button.
To update your Safari browser, update the software on your macOS computer.
How can I check if other websites keep my data safe?
Web browsers display icons in the address bar which provide details about the web domain you are visiting.
Most web browsers use a padlock icon to indicate that a website is certified secured. Click on this icon find details about the certificate, as well as information about site cookies and other settings.
You should always check a website’s security credentials before transmitting any personal or financial data to that site.