Security when connecting to the internet is important. In modern computing, this security is provided by the TLS protocols. The Transport Layer Security protocols have new versions released occasionally that offer the latest security features.
To prevent people from continuing to use an old version forever, older versions are eventually deprecated. Ideally, this happens before any security vulnerabilities are practically exploitable in them. The first two releases of TLS, versions 1.0 and 1.1, are being deprecated. The preferred TLS versions are the more modern 1.2 and 1.3.
Note: TLS may sometimes be incorrectly referred to as SSL or Secure Sockets Layer. This was a previous protocol that performed the same task but worked differently. Additionally, both publicly released versions of SSL – versions 2 and 3 – are now considered insecure.
Slack is one of the early deprecators of TLS 1.0 and 1.1. This approach is evidence of its commitment to security. While Slack can easily control the security protocols its own software uses, third-party developers may not keep up.
Old apps or integrations may be continuing to use the older versions of TLS because they were never updated to support newer versions. Connecting with older, weaker security standards runs the risk of the data being compromised. Eventually, the affected user or integration will not be able to connect to Slack anymore.
How to Check If Users or Integrations Are Using Deprecated Versions of TLS
To help identify which users or integrations need to update to continue to be compatible, Slack offers a service that lets you see who in your workspace has connected or attempted to connect with outdated security protocols. To do this, you need to go to the TLS section of the settings. Unfortunately, there’s no direct way to get there from the main Slack application.
You’ll instead need to go through the member management settings. To get there, click on the workspace name in the top-right corner. Next, in the dropdown menu, select “Settings & administration.” Then “Manage members” to open the Member management page in a new tab.
Once you’re on the member management page, click on the top-left corner’s burger menu icon. Select “Support for Transport Layer Security (TLS)” from the list.
In the TLS section, scroll to the bottom of the page. Here you can check if your workspace has any users or integrations that suffer from TLS deprecations. You can download the data in a CSV format by clicking “Download CSV.”
Conclusion
TLS is the backbone of modern internet security. Older versions are weak and have security vulnerabilities; however, that is getting more feasible to exploit. By following the steps in this guide, you can check if any users or integrations in your workspace are attempting to connect using outdated TLS protocols.
This post was written by Mel Hawthorne and was first posted to Technipages
Do you find this article helpful? Your Friend might too. So, please Share it with them using the Share button above.
Will you like to get notified when I post new updates? Then Follow me on any of my social media handles: Google News, Telegram, WhatsApp, Twitter, Facebook, Pinterest.
You can also drop your email address below if you wish to be notified by mail.