On June 15, 2018, Box will disable the TLS 1.0 encryption protocolfor all customers and continue to support TLS 1.1 and higher,which Box already supports. Thiswill impact customers still using TLS 1.0 to connect to any Box service, including Box webapp, Box Sync, and APIs.
Here is some information to help you plan for the upcoming change:
What is TLS?
TLS stands for “Transport Layer Security.” It is a protocol that provides privacy and data integrity between two communicating applications. It’s the most widely deployed security protocol used today, and is used for web browsers and other applications that require data to be securely exchanged over a network. TLS ensures that a connection to a remote endpoint is the intended endpoint through encryption and endpoint identity verification. The versions of TLS, to date, are TLS 1.0, 1.1 and 1.2.
Box web and API connections, along with applications such as Box Sync and 3rd party apps, use TLS as a key component of their security.
Why is TLS 1.0 being disabled?
Box is requiring an upgrade to TLS 1.1 or higher in order to align with industry best practices for security and data integrity. Box is focused on continually helping our customers improve their security by using the latest security protocols. In early 2018, Box will require TLS 1.1 and later encryption protocol in an effort to maintain the highest security standards and promote the safety of customer data.
How can I check if my browser supports TLS 1.1 or higher?