The National Security Agency (NSA) has shared guidance on how to detect and replace outdated Transport Layer Security (TLS) protocol versions with up to date and secure variants.
The US intelligence agency also highlights the dangers behind using deprecated TLS including both risks of sensitive data exposure and decryption of network traffic in man-in-the-middle attacks.
"Remediation is crucial to decreasing computer system and network attack surfaces and preventing unauthorized access to private data," the agency
said.
"NSA recommends that only TLS 1.2 or TLS 1.3 be used and that SSL 2.0, SSL 3.0, TLS 1.0, and TLS1.1 not be used."
Implementing the measures in NSA's guidance eliminates the false sense of security provided by obsolete encryption protocols by helping block insecure TLS versions, cipher suites, and key exchange methods to properly encrypt network traffic.
Updating TLS configurations will provide government and enterprise organizations with stronger encryption and authentication to help them build a better defense against malicious actors' attacks and protect important information.
