Solving the TLS 1.0 Problem
Evolving regulatory requirements and new security vulnerabilities provide organizations with incentive to disable TLS 1.0. ConRes recommends customers get ahead of this issue by removing TLS 1.0 dependencies in their environments and disabling TLS 1.0 at the operating system level, where possible.
ConRes recommends that any organization with a TLS 1.0 deprecation plan include the following:
- Code analysis to find or fix hardcoded instances of TLS 1.0 or older security protocols.
- Network endpoint scanning and traffic analysis to identify operating systems using TLS 1.0 or older protocols.
- Full regression testing through your entire application stack with TLS 1.0 disabled.
- Migration of legacy operating systems and development libraries and frameworks to versions capable of negotiating TLS 1.2 by default.
- Compatibility testing across operating systems used by your business to identify any TLS 1.2 support issues.