Automate your TLS upgrade to avoid IT disruption

Roland Flutet

Senior Manager, IT, ACL

    

The best kind of issues are the ones IT prevents from happening. Most IT teams have a helpdesk ticketing system that allows them to be reactive, but they generally lack a reliable tool allowing them to be proactive.

ACL can help you get there.

Let’s look at a situation you’re probably facing: the end of life of the TLS 1.0 security protocol.

Many vendors are upgrading their clients due to vulnerabilities with older versions of the TLS security protocol. Usually, the clients upgrade automatically and no action is required; but how do you handle the cases where the upgrade didn’t happen automatically?

At this point, the client is still working and the user is unaware of the upcoming issue; this is your opportunity to be proactive and address the situation before it affects the business.

Without ACL, the task can seem daunting: it often comes down to an IT technician going through a spreadsheet of machines that need updating, sending an email to all the users who need to manually run the new installer—and hoping nobody drops the ball.

With ACL, this workflow can be automated, reducing the IT effort and offering up-to-date visibility into the progress of the initiative.

Here is a simple remediation workflow:

Simple remediation workflow

From GRC, you can easily create new questionnaires with a variety of questions:

Questionnaire details

Send your questionnaire to all users in just a few clicks—in this case, the second question appears only if the answer to the first one is “No”:

Respond to questionnaire window

Set up a trigger to be notified every time a user responds:

Notify IT of user response

And best of all, you get to see what’s happening in real time in your storyboard—which you can share with anyone without needing an ACL license!

Storyboard - end of life remediation

Hopefully this proves that the upgrade to a more secure TLS protocol version doesn’t have to be difficult. Are you ready for the June 30, 2018 deadline to implement a more secure encryption protocol?

Share This