Deprecation: TLS 1.0

Box Employee

On June 15, 2018, Box will disable the TLS 1.0 encryption protocol for all customers and continue to support TLS 1.1 and higher, which Box already supports. This will impact customers still using TLS 1.0 to connect to any Box service, including Box webapp, Box Sync, and APIs.

 

Here is some information to help you plan for the upcoming change:

 

What is TLS?

  • TLS stands for “Transport Layer Security.” It is a protocol that provides privacy and data integrity between two communicating applications. It’s the most widely deployed security protocol used today, and is used for web browsers and other applications that require data to be securely exchanged over a network. TLS ensures that a connection to a remote endpoint is the intended endpoint through encryption and endpoint identity verification. The versions of TLS, to date, are TLS 1.0, 1.1 and 1.2.
  • Box web and API connections, along with applications such as Box Sync and 3rd party apps, use TLS as a key component of their security. 

 

Why is TLS 1.0 being disabled?

  • Box is requiring an upgrade to TLS 1.1 or higher in order to align with industry best practices for security and data integrity. Box is focused on continually helping our customers improve their security by using the latest security protocols. In early 2018, Box will require TLS 1.1 and later encryption protocol in an effort to maintain the highest security standards and promote the safety of customer data.

 

How can I check if my browser supports TLS 1.1 or higher?

How can I avoid service disruption?

  • If you are using the Box webapp to access Box, ensure that you are using a browser that supports TLS 1.1 or higher. Review the Box Policy for browser support here.
  • If you are using Box Edit or other such applications that connects to Box, ensure that you have upgraded to the latest version that supports TLS 1.1 or higher
  • If you use a 3rd party integration to access Box, ensure that the 3rd party software has been upgraded to a version that supports TLS 1.1 or higher