October 31, 2018. If you are already using Office 365, then this date probably has some sort of significance. If you have not moved or begun the process of planning your move to Office 365, this date may not mean anything. However, the date is rather important and should be something that you are either preparing for if moving to Office 365, or hopefully completely prepared for it.
The Change
Prior to October 31, 2018 clients were able to connect via TLS 1.0, 1.1 or 1.2. Outlook, for example, would rely on the underlying OS to determine what TLS version to use. For example, Windows 7, 2008 R2 and 2012 do not use TLS 1.2 by default. As such, when Outlook connects when installed on these OS’s, it would negotiate for a lower version, like 1.1 or 1.0 and then connect. After October 31, TLS 1.0 and 1.1 connections will no longer be allowed. This means that newer Windows workstations/servers will be able to connect as they support or allow TLS 1.2 connections out of the box. Older clients will fail to connect.
Why The Change
Security. Plan and simple. There are a lot of articles that litter the Internet on the technical details of why TLS 1.0 and 1.1 are going away:
LINK 1
LINK 2
LINK 3
LINK 4
Microsoft had been toying with this idea for a while, in fact this was supposed to go into effect in March of this year, but it was pushed back to October due to customer feedback.
Article 1
Article 2
Article 3
How/What to Prepare
What can you do to be prepared? Before moving to Office 365, clients that will connect to Office 365 need to be identified.
Clients Needing Updates
Windows 7
Windows Server 2008 R2
Windows 2012
In order for the above Windows OS’s to connect, a change will be need to be made to make TLS 1.2 the default protocol for communications:
https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-a-default-secure-protocols-in
With the fix in place, the clients will be able to connect again without issue.
There are some clients that will not allow TLS 1.2 to ever be supported. These are listed here:
- Android 4.3 and earlier versions
- Firefox version 5.0 and earlier versions
- Internet Explorer 8-10 on Windows 7 and earlier versions
- Internet Explorer 10 on Win Phone 8.0
- Safari 6.0.4/OS X10.8.4 and earlier versions
Further Reading
https://blogs.msdn.microsoft.com/kaushal/2011/10/02/support-for-ssltls-protocols-on-windows/
