Microsoft will no longer allow legacy encryption for Azure AD communications after October 31, 2022. This means Providence and vendor devices/applications using TLS 1.0, 1.1 or 3DES will not work beginning in November. While Providence policies have long required TLS 1.2 for connections, there may still be applications in our network environment that have not been updated.
Action Requested
- If you are responsible for applications or devices utilizing Microsoft Azure, please ensure they have been updated to TLS 1.2 encryption.
- Cybersecurity and Cloud Engineering teams are available to assist in determining if your applications/devices are impacted and remediation steps.
- Business relationship owners with vendors who connect with Providence need to engage those vendors to ensure critical services will not be impacted.
Since this is a Microsoft initiative there is no exception process available and filing exceptions with the Cybersecurity team will not change the TLS 1.2 requirement deadline for October 31.
The movement to TLS 1.2 is industry wide as an important effort to improve cybersecurity and reduce opportunities for malicious actions.
More information
Please contact informationsecurity@providence.org.