TLS 1.2 Microsoft Enforcement

Microsoft Will Enforce TLS 1.2

Microsoft has announced that in an effort to safeguard consumer communications against the potential for future protocol downgrade attacks and other TLS vulnerabilities, they will be enforcing the use of Transport Layer Security Version 1.2 in all Microsoft Office 365 Environments in October of 2018. At this time, they will also discontinue support for TLS versions 1.0 and 1.1. Any Office 365 environment using a client-server or browser-server combination that require the use of TLS 1.0 or 1.1 will see interruptions in service. Microsoft has provided this list of affected clients and browsers:

The following are some clients that we know are unable to use TLS 1.2.

  • Android 4.3 and earlier versions
  • Firefox version 5.0 and earlier versions
  • Internet Explorer 8-10 on Windows 7 and earlier versions
  • Internet Explorer 10 on Win Phone 8.0
  • Safari 6.0.4/OS X10.8.4 and earlier versions

Microsoft also urges customers with any on-premises infrastructure for hybrid scenarios or Active Directory Federation Services to verify that their infrastructure can support both inbound and outbound connections that use TLS 1.2. For more information, please visit Microsoft’s summary page for this announcement.

How will this Affect Lync Phone Edition (LPE) Devices?

Some common handsets used with Skype for Business will be affected by the enforcement of TLS 1.2. Devices that are non-compatible with TLS 1.2 will not be able to connect to Office 365 services including Skype for Business Online and Microsoft Teams.

These devices will be affected:

  • Polycom: CX500, CX600, and CX3000
  • Hewlett-Packard: 4110 and 4120
  • Mitel-Aastra: 6721ip and 6725ip

LPE will still be able to connect to on-premises deployments using TLS 1.0, but some functionality–Exchange Online Calendar and Voicemail and compliance regulations–may still require the upgrade to TLS 1.2.

Please see this Microsoft LPE FAQ for more information.

Not sure if your environment or devices will be affected? Give us a call at 303-786-7474 and we’ll be happy to give you a free assessment and help prepare your environment for the change.

Jacob Eker, PEI

Interested in learning more about IT Security and how you can protect your business?  Contact us for a Security Assessment!

Leave a Reply