Secure Communications
Cybersecurity

Protecting Your Organization’s Secure Communications

Marty Tatro
by March 4, 2022

Many, if not all, organizations use the Internet and other networks to communicate both within and outside of the organization. These communications may be emails, using the Internet to access information related to business needs, or taking advantage of virtual meeting applications. With much of our daily lives at work and the home being across networks, security for those communications has become a necessity that we cannot postpone. 

What is going on with Secure Sockets Layer (SSL) and Transport Layer Security (TLS), and how can we fix it?

It is well proven that an organization staying ahead of “the game” with its cybersecurity measures will reduce risks becoming realized problems. Still, many organizations may not understand how being behind in even small ways can affect their operations. The National Security Agency (NSA) recommends that obsolete or deprecated SSL and TLS certificates be blocked and that only updated TLS certificates be required for network communications (National Security Agency).

What can we do?

In many cases, changes may have already occurred during standard operating system (OS) updates allowing up-to-date protocols to be used. In some cases, these updates may have been automatic. Updated Internet browsers may also alleviate these problems as many of them require minimum/maximum SSL/TLS settings to connect to a site.

Northstarr recommendations:

As a Managed Service Provider, Northstarr System Solutions can help your organization with managing its security and systems, as well as protecting your data.  Ensuring your organization uses up-to-date and secure settings when accessing the Internet can be a chore that we can relieve. Below, we will show you the basics of how to adjust the security settings related to TLS/SSL on the most commonly used browsers.

Note: The following operations were accomplished on a machine using the Windows 10 operating system. Options may vary depending on your OS and the version of the browser(s) you are using. We recommend updating to the most current version of your operating system, as well as with your applications and browsers, for the best security. Note: Apple’s Safari is no longer supported on Windows systems. Until this changes, it is recommended to remove older browser versions.

Microsoft Edge, Google Chrome, and Opera browsers – TLS configuration walkthrough

TLS/SSL settings for your browsers on a Windows 10 computer are managed in the Internet Properties app, which can be accessed by either pressing the Windows key plus the R button at the same time and entering “inetcpl.cpl” into the ‘Open’ line of the Run app, or by entering inetcpl.cpl in the desktop search bar and clicking on the provided link in the search results. The Windows key is the button (usually bottom left of the keyboard between the ‘Ctrl’ and ‘Alt’ keys) that looks like the Windows logo.

This button combination will open the “Run” command box.

-OR-

Using the desktop Search bar, enter “inetcpl.cpl” into the search bar at the bottom left of the screen, then either click on ‘Open’ or double click the search result in the top left corner of the search results.

Desktop search bar
Search for Internet Options (inetcpl.cpl) application

Both methods will bring you to the Internet Options app in WindowsOnce you have opened the Internet Options application within Windows, you will see the following window. Select the ‘Advanced’ tab to continue.

Scroll down to the ‘Security’ area of the ‘Settings,’ and you will see the SSL and TLS check box selections. 

Security setting area

We recommend that you deselect any selected SSL security settings and select only TLS. You may need to adjust these settings based on the sites your organization wishes to allow access to, as they may not have TLS enabled. I show that TLS 1.3 (experimental) is checked, but this may be one that you might avoid as well. Click ‘Apply,’ then ‘OK.’The next time you open Microsoft Edge to use the Internet, your browsing experience will be that much safer.

Mozilla Firefox – TLS configuration walkthrough

The Firefox browser has a slightly different configuration process, requiring you to access the browser’s settings directly. Open your Firefox browser and enter [about:config] into the URL search bar.

You will likely receive a warning concerning changing advanced settings.

Click on [Accept the Risk and Continue].

Click on [Accept the Risk and Continue].

In the search bar at the top of the next page, you can search for [TLS], which will provide you several results after the results have been populated. You are looking specifically at the two items [security.tls.version.min] and [security.tls.version.max]. 

These settings are numbered 1 – 4 and relate to the specific minimum or maximum version of TLS that you wish to allow your browser to use.

  • 1 is for version 1.0
  • 2 is for version 1.1
  • 3 is for version 1.2
  • 4 is for version 1.3 (experimental at the time of this writing)

The version of Firefox used in this walkthrough is 89.0.2, which has the preset for max at “4” and for min at “3.” Remember, you may need to adjust these if you access sites that are at a lower TLS/SSL setting.