Quick Base Disabling TLS 1.0 and 1.1

  • 2
  • Announcement
  • Updated 5 months ago
  • (Edited)


Quick Base is focused on continually helping our customers improve their security by using the safest security protocols and aligning with industry best practices for data security and integrity.

To that end, on November 14th, 2018 at 1:00 PM Eastern US Time, Quick Base will disable the TLS 1.0 and TLS 1.1 encryption protocols on the Quick Base platform while continuing to support TLS 1.2.

What is TLS?
TLS, short for Transport Layer Security, is a method for keeping your data secure online. You might also see this called SSL, which is an older term for the same type of technology. Without TLS, it’s possible for hackers or criminals to see your online activity. That’s why TLS has become the security standard online, used by online banks, email services, and– of course – Quick Base! You can tell a web site is using TLS if it has a lock icon next to the address:

 

TLS keeps your data safe in two ways. First, it encrypts your data so only the website you are interacting with can access it and other parties cannot.

TLS also protects you if a web page claims to be created by a certain company, but it was really built by someone else. TLS detects this and shows a red or crossed-out lock icon next to the web address



Quick Base is a trusted platform which uses TLS to ensure your confidential data remains secure and private.

Am I using TLS 1.0 or 1.1 to access Quick Base?
If you only access Quick Base applications using your browser, you most likely are NOT using TLS 1.0 or 1.1 and will hence have no problem when we disable support for them. If you want to know if your browser supports TLS 1.2, follow the instructions in the next section.

To verify if your browser supports TLS 1.2 click the link below:
https://www.ssllabs.com/ssltest/viewMyClient.html

If the above test at ssllabs.com reads as follows, you are all set:



Otherwise, you can read on for more information about browser compatibility with TLS 1.2 by checking out the section below titled "What action is required if I use a browser to access Quick Base?"

If you use Quick Base APIs:
If you use scripts or software programs that access Quick Base applications using APIs (Application Program Interfaces) or third-party integrations, you are possibly using TLS 1.0 or 1.1 and may have a problem when we disable them. If you’re not sure whether your apps use such scripts or programs, please open a support case by:

Clicking the ? menu > Manage Support Cases > + New Support Case.

For more information on how to evaluate your API programs, check out the next section.

What action is required if I access Quick Base via APIs or third-party integrations?
If you have scripts or software programs, such as those written in Java or .NET, or scripts that use Quick Base APIs, you must ensure that the TLS implementation you are using on your side, supports TLS 1.2. If you use a third-party integration to access Quick Base, ensure that the third-party software supports TLS 1.2. If you are using Quick Base Edit, ensure that you have upgraded to the latest version that supports TLS 1.2. In all cases above, you must ensure that your implementation is configured specifically to use TLS 1.2 as the protocol with which it establishes a secure connection to Quick Base services.

If you’re not sure how to update your scripts or software programs, or you’re not sure how to access them, you need to contact your IT team, systems integrator,or webmaster.

TLS 1.2 Test Endpoint for APIs
Quick Base has provided a test endpoint for your API programs/scripts at https://tls.quickbase.org. This endpoint is not intended to be a full Quick Base test environment, nor is that necessary for you to validate that your API programs/scripts support TLS 1.2.

Establishing a secure network connection between your API programs/scripts and the Quick Base platform occurs before any functional requests are made to the platform. In fact, the secure network connection is made between your API programs/scripts and Cloudflare, our DDOS protection service. Cloudflare then handles establishing the secure network connection between Cloudflare and Quick Base. Therefore, the focus of your testing efforts in this case need only be on successfully establishing the secure network connection using the TLS 1.2 protocol.

The test endpoint only supports TLS 1.2 and when successfully accessed will return a text value of “Successfully connected using TLS 1.2”. You can test your existing API programs/scripts by pointing them at this test endpoint and verifying that a successful TLS 1.2 connection has been made using your debugger or log files.

If your API programs/scripts do not support TLS 1.2, you should see an error in your debugger or log files similar to the following:

"The underlying connection was closed: An unexpected error occurred on a send."

"Authentication failed because the remote party has closed the transport stream."

"javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake caused by: java.io.EOFException: SSL peer shut down incorrectly"

TLS 1.2 Support from Popular Quick Base Integration Providers:
    •    Juiced Technologies - http://qbtools.helpdocsonline.com/tls-1.2-quick-base-upgrade
    •    QuNect - https://www.qunect.com/appnotes/tls.html
    •    SoftTechExperts - http://softtechexperts.com/sendtoquickbaseupdatefortls.html
    •    Workato - https://www.workato.com/legal/security (See Network Security Section)
    •    Zapier - Although Zapier has no official statement about TLS1.2 Support, our logs show they only
                          use TLS 1.2 when communicating with Quick Base.

What action is required if I use a browser to access Quick Base?
You need to ensure that your browser supports the use of TLS 1.2.  All modern browsers provide support for TLS 1.2 including all versions of Firefox and Chrome and Internet Explorer since version 7.

You may have trouble accessing Quick Base if:

    • You are not using a supported internet browser, or
    • Your browser has the supported encryption protocols (TLS 1.2) disabled in the settings.

The Quick Base Policy for browser support is here.

To validate your browser's compatibility with TLSv1.2,  see the table below.

       

       

Below are details of compatibility configurations for computers running Microsoft Windows with the Internet Explorer or Edge browsers:

Microsoft Windows 10, Server 2016, and newer
These operating systems are already compatible with TLS 1.2:
    • If the browser has its default configuration, no further configuration is necessary.
    • Although Microsoft Internet Explorer 11 is installed, Microsoft Edge is set as the initial default web browser.
    • Both of these web browsers enable TLS 1.2 by default

    Microsoft Internet Explorer 11
    In the default configuration, Internet Explorer 11 under Windows 10 is compatible

    Microsoft Edge
    In the default configuration, Microsoft Edge under Windows 10 is compatible

Microsoft Windows 8.1 and Server 2012 R2
These operating systems are already compatible with TLS 1.2:
    • If the browser has its default configuration, no further configuration is necessary.

    Microsoft Internet Explorer 11
    In the default configuration, Internet Explorer 11 under Windows 8.1 is compatible
    If you cannot access Quick Base in Internet Explorer 11:
        1. Click Tools
        2. Click Internet Options
        3. Select the Advanced tab.
        4. Place a tick on the "Use TLS 1.2" item.
        5. Click Ok
    You may also select the "Reset..." button on the Advanced tab to re-enable TLS1.2.

Microsoft Windows 7 and Server 2008 R2
These operating systems support Internet Explorer versions 8 through 11, however, Internet Explorer 8 is not stable with TLS 1.2, nor is it supported by Quick Base.

    For the best experience, use Internet Explorer 11 or newer.

    Microsoft Internet Explorer 11
    In the default configuration, Internet Explorer 11 under Windows 7 gives access to our applications.
        • This version is already fully compatible with TLS 1.2.

    If the browser has its default configuration, no further configuration is necessary, otherwise:
        1. Click Tools
        2. Click Internet Options
        3. Select the Advanced tab.
        4. Place a tick on the "Use TLS 1.2" item.
        5. Click Ok

These operating systems are not compatible with TLS 1.2:
        •Windows XP
        •Vista
        •Server 2008
        •Server 2003 and earlier

    If you utilize the above systems:
        • Upgrade to Windows 7, 8 or 10 and use Internet Explorer 11 or Edge (preferred), Google Chrome, or Mozilla Firefox
        • Google Chrome requires Windows Vista or newer
        • Mozilla Firefox requires Windows XP Service Pack 2 or newer
Photo of Michael John Lemire

Michael John Lemire, Security and Compliance Officer

  • 130 Points 100 badge 2x thumb

Posted 5 months ago

  • 2

There are no replies.

This conversation is no longer open for comments or replies.