On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Content provided by Web Hosting Podcast. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Web Hosting Podcast or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Similar to Web Hosting Podcast
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
Daily update on current cyber security threats
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Marc Fennell and a team of people far smarter than him (his words, not ours) take a fun deep dive into how technology is reshaping our lives.
…
continue reading
Monday through Friday, Marketplace demystifies the digital economy in less than 10 minutes. We look past the hype and ask tough questions about an industry that’s constantly changing.
…
continue reading
TechStuff is a show about technology. And it’s not just how technology works. Join host Jonathan Strickland as he explores the people behind the tech, the companies that market it and how technology affects our lives and culture.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
PCI DSS Changes to TLS and Chrome 68 marks sites as not secure.
Manage episode 211636990 series 2303029
Content provided by Web Hosting Podcast. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Web Hosting Podcast or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Today on episode 21 Web Hosting Podcast. PCI (Payment Card Industry) changes that have come into affect. These changes make a dramatic shift to the encryption standard that you may not be aware of. If you are on a older operating system, and even some new ones, you may be left out in the cold and unable to get email or see your website. Chrome 68 is coming this month and if your site is not using https, then your visitors will start to see a “not secure” message. Moving your site to https should not break your budget with free SSL (AutoSSL) by cPanel.
What is PCI DSS (Payment Card Industry Data Security Standard)?
Payment Card Industry Data Security Standard applies to companies of any size that accept credit card payments online. If you accept credit cards as a form of payment for anything online, then you need to host your data securely with a PCI Compliant hosting provider. This is not the same as accepting PayPal payments on your website. This is strictly for credit card payment processing. Normally this is done through a payment gateway like authorize.net or others.
PCI DSS (Payment Card Industry Data Security Standard) changes for this year.
Primary change of interest happened on June 30th, 2018. This change made old and outdated forms of SSL/TLS no longer secure by standard. What this means is a higher level of encryption is now required if you are doing any form of credit card processing. This change has the potential to block out users on old outdated operating systems. It will also have the potential to disrupt your email workflow if you are not up to date on your email application. All forms of connections should be using a minimum of TLS 1.2. This means http(s), email, and ftp(s) have to be using TLS 1.2 to make a connection.
How this may directly affect you and your customers.
TLS 1.2 is a pretty old standard (2008), with TLS 1.3 on its way. However, some operating systems do not support TLS 1.2. This includes computers, tablets and phones. If you are currently not using a updated operating system, then you may not be able to send or receive email through your PCI compliant host. This is the most typical scenario I have seen. Most browsers have supported TLS 1.2 for a number of years. However, it has only been recently that IOS, for example, has supported TLS 1.2 in their own mail app.
What to do if you can’t get email or visit your site anymore.
Ensure you are running the most recent version of your operating system of choice. This means upgrade to Windows 10 or the latest Apple OS X. Simply updating Windows 7 to its latest release is not advised. You really need to run the latest operating system version. This also goes for any tablets or phones you may have. Once the latest version is installed you will likely not have any problems. For supported browsers for TLS 1.2, Firefox, Edge and Chrome support the latest TLS standard. For email clients, mail.app (on latest version of OS X 10.13) thunderbird and windows 10 mail.
Chrome 68 will start showing “Not Secure” for sites using http:// this month.
This should come as no surprise to anyone that develops sites or owns their own site. For the past 2 years google has been warning people that this day was coming (queue ominous music!). Google has even said your SEO ranking will suffer if you are not using https:// on your sites. If you are still some of the minor few that have not moved to https for your site, do not delay any longer. Web Hosting Podcast has discussed in many episodes how to use a free SSL certificate if you are on cPanel called AutoSSL. This is a SSL certificate process that is 100% free and will allow you to move to a more secure https. Gone are the days of having to purchase a SSL certificate every year, there really is no reason to not be using https for your site today. For more information on AutoSSL listen to these previous Web Hosting Podcast episodes.
31 episodes
Share
Manage episode 211636990 series 2303029
Content provided by Web Hosting Podcast. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Web Hosting Podcast or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Today on episode 21 Web Hosting Podcast. PCI (Payment Card Industry) changes that have come into affect. These changes make a dramatic shift to the encryption standard that you may not be aware of. If you are on a older operating system, and even some new ones, you may be left out in the cold and unable to get email or see your website. Chrome 68 is coming this month and if your site is not using https, then your visitors will start to see a “not secure” message. Moving your site to https should not break your budget with free SSL (AutoSSL) by cPanel.
What is PCI DSS (Payment Card Industry Data Security Standard)?
Payment Card Industry Data Security Standard applies to companies of any size that accept credit card payments online. If you accept credit cards as a form of payment for anything online, then you need to host your data securely with a PCI Compliant hosting provider. This is not the same as accepting PayPal payments on your website. This is strictly for credit card payment processing. Normally this is done through a payment gateway like authorize.net or others.
PCI DSS (Payment Card Industry Data Security Standard) changes for this year.
Primary change of interest happened on June 30th, 2018. This change made old and outdated forms of SSL/TLS no longer secure by standard. What this means is a higher level of encryption is now required if you are doing any form of credit card processing. This change has the potential to block out users on old outdated operating systems. It will also have the potential to disrupt your email workflow if you are not up to date on your email application. All forms of connections should be using a minimum of TLS 1.2. This means http(s), email, and ftp(s) have to be using TLS 1.2 to make a connection.
How this may directly affect you and your customers.
TLS 1.2 is a pretty old standard (2008), with TLS 1.3 on its way. However, some operating systems do not support TLS 1.2. This includes computers, tablets and phones. If you are currently not using a updated operating system, then you may not be able to send or receive email through your PCI compliant host. This is the most typical scenario I have seen. Most browsers have supported TLS 1.2 for a number of years. However, it has only been recently that IOS, for example, has supported TLS 1.2 in their own mail app.
What to do if you can’t get email or visit your site anymore.
Ensure you are running the most recent version of your operating system of choice. This means upgrade to Windows 10 or the latest Apple OS X. Simply updating Windows 7 to its latest release is not advised. You really need to run the latest operating system version. This also goes for any tablets or phones you may have. Once the latest version is installed you will likely not have any problems. For supported browsers for TLS 1.2, Firefox, Edge and Chrome support the latest TLS standard. For email clients, mail.app (on latest version of OS X 10.13) thunderbird and windows 10 mail.
Chrome 68 will start showing “Not Secure” for sites using http:// this month.
This should come as no surprise to anyone that develops sites or owns their own site. For the past 2 years google has been warning people that this day was coming (queue ominous music!). Google has even said your SEO ranking will suffer if you are not using https:// on your sites. If you are still some of the minor few that have not moved to https for your site, do not delay any longer. Web Hosting Podcast has discussed in many episodes how to use a free SSL certificate if you are on cPanel called AutoSSL. This is a SSL certificate process that is 100% free and will allow you to move to a more secure https. Gone are the days of having to purchase a SSL certificate every year, there really is no reason to not be using https for your site today. For more information on AutoSSL listen to these previous Web Hosting Podcast episodes.
31 episodes
All episodes
×
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Similar to Web Hosting Podcast
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
Daily update on current cyber security threats
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Marc Fennell and a team of people far smarter than him (his words, not ours) take a fun deep dive into how technology is reshaping our lives.
…
continue reading
Monday through Friday, Marketplace demystifies the digital economy in less than 10 minutes. We look past the hype and ask tough questions about an industry that’s constantly changing.
…
continue reading
TechStuff is a show about technology. And it’s not just how technology works. Join host Jonathan Strickland as he explores the people behind the tech, the companies that market it and how technology affects our lives and culture.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
