Published on October 20, 2022 by Jennifer Leider
Why should you switch to TLS 1.2?
The digital landscape is ever-changing – we see this reflected in database patches, updates, and system turnovers.
TLS, ie Transport Layer Security, is an OS level of Microsoft data security. TLS 1.0 and 1.1 have been used for the past decades by SQL Server and other database users alike. Microsoft recently announced an upcoming update to TLS 1.2, putting out informational content about the switch in early October.
Because of security concerns, Microsoft is not able to disclose exactly when the update will occur. When TLS 1.2 becomes an option, TLS 1.0 and 1.1 will simply stop working. Your business’s data won’t be lost or altered, but certain database systems that use TLS 1.0 and 1.1 to communicate will no longer function. For example, you might be unable to send an email, as the database mail system no longer speaks the current TLS language, but that doesn’t mean earlier emails will be changed. And once your company updates to TLS 1.2, all systems will function as they should.
Your business should also prepare its databases for the change. If your business has an older version of SQL Server, for example, the install might not be able to support TLS 1.2. Ask if your server, whatever it might be, has the right updates, specs, hot fixes, etc. While TLS 1.2 is enabled at the OS level, not on a server, the major and minor builds of your server should be updated.
What steps should your business take to be proactive about this changeover? First, make all necessary updates to your database server. Then, disable TLS 1.0 and 1.1. Easy, right? ...Right?
This is a tale as old as time – Microsoft rolls out an update, and consumers wait until the last minute to make the appropriate changes. And we get it. Your DBAs are busy. Your business is potentially short-staffed and juggling far more prevalent projects than some future update happening at some undisclosed moment in time. There’s always a reluctance to new versions of systems that are actively working. Why not just wait until the update happens? This is a backburner sort of thing, right?
We hear you, but we don’t recommend waiting. Proactively engage with your servers. Double check SQL Server (or any other database) is ready to support TLS 1.2. Make sure your data is at the right encryption. Disable TLS 1.0 and 1.1 when the time comes. When Microsoft flicks that switch and makes the change, your business will keep moving forward seamlessly. Proactive, intentional preparation is your middle name, right? (We’re impressed. That’s a long middle name).
If you’re looking for senior DBAs to handle TLS 1.2 prep in your server, let us know! We’d be happy to help make the transition a breeze.