" stunnel Archives - LuxSci FYI Blog: Learn about HIPAA email encryption, secure email encryption, and more
LUXSCI

Posts Tagged ‘stunnel’

TLS 1.0 to 1.2 and NIST TLS Cipher Updates: Email Program and Web Browser Compatibility Issues

Friday, January 10th, 2020

 

It happens at least every few years: system administrators need to update the security configuration of their servers to keep up with the latest best practices and to close newly found security issues(i.e., via changes to recommended TLS ciphers and protocols).  These updates can be rocky. Change often introduces incompatibilities that prevent certain systems or programs from being able to connect to the updated systems.

(Article updated for January 10th, 2020).

TLS Encryption Compatibility

In this article we are going to look at what email program an web browser incompatibilities arise when you migrate from using the “old standard:” TLS v1.0+ and the ciphers recommend by NIST 800-52r1 to using either TLS v1.0+ and the new NIST 800-52r2 ciphers or TLS v1.2+ and the new NIST 800-52r2 ciphers.

Why?

  1. PCI required that servers that need to be PCI complaint use only TLS v1.1+ (which really means v1.2+) by the end of June, 2018.
  2. NIST 800-52r2 updated its recommended cipher list and remove many ciphers from revision 1 that are now considered “weak” and introduced a number of new, better ciphers.  Administrators should be using NIST 800-52r2 cipher support as a best practice.
  3. Organizations that require HIPAA compliance should also follow the NIST guidelines and prepare NIST 800-52r2 support and, where possible, support TLS v1.3 and eventually eliminate pre-TLS 1.2 support. See: What level of TLS is required for HIPAA compliance?

Read the rest of this post »

Connect to LuxSci Even More Securely: Use our VPN

Wednesday, June 5th, 2013

Use of SSL and TLS provide a very high degree of security for access to LuxSci’s and other provider’s services.  This is especially true for WebMail with LuxSci’s use of an Extended Validation SSL Certificate that turns your browser bar green and helps ensure that you know that you are talking with us and not some malicious site.

However, for the very security and/or privacy conscious and those with compliance requirements (like HIPAA), a significant degree of improvement in security can be had by using VPN access in addition to SSL and TLS.

How is VPN Access+SSL better than just SSL?

VPN Access to your premium environment LuxSci services creates a secured tunnel (using IPSec) where all traffic travelling from your computer to LuxSci’s servers is encrypted in transit … no matter what kind of traffic it is or what protocol it is for.  This means:

Read the rest of this post »

LUXSCI