Current research* shows that 22.2% of firms are currently not running TLS 1.2. Across sectors this number is substantively higher. For example public administration is 37%, the Energy sector is 40% and the Education sector is a whopping 47%.
The Internet Engineering Task Force, the National Institute for Standards and Technology, and the Payment Card Industry Security Standards Council, are mandating that operators of web servers ensure that they’re using the most up-to-date version of the protocol, TLS 1.2 before the end of 2020. Additionally, TLS 1.0 and 1.1 have been (or are in the process of being) rejected by major browsers. This means that major web browsers will be utilizing warnings when a user visits a site that doesn’t support TLS 1.2.*
TLS, along with the earlier SSL, has provided an easy access route for attackers who can exploit weak or non-existent deployment of the protocol. A weak deployment makes a “man-in-the-middle”, or any other attack for that matter, exponentially simpler.
Another substantive issue with TLS 1.2 is that with the onset of quantum computing it will soon be obsolete. Quite simply the RSA encryption keys are not strong enough to withstand quantum attacks. Further, TLS does nothing to protect your data while it is at rest or in use. The Helix22 SDK, protects all data at all times.
The point is, your firm or nation will need to update to TLS 1.2 very soon and everyone else will need to replace it. Why not just install Helix22 now and be 100% protected for the foreseeable future. Helix22 is 22nd Century Data Security.
If you are still running SSL, then contact us ASAP.
Helix22 – Zero Risk
*Measuring the State of TLS 1.2 across the Internet – RiskRecon/Mastercard