Stay in the know and up-to-date on what's happening in the Blackbaud Community.

Stay PCI Compliant By Taking Action

Hopefully you’ve heard about TLS and the changes to TLS recommended by the PCI Security Standards Council. The bottom line? You may need to take action to remain PCI Compliant and retain full functionality in your software solutions.  But don’t worry – we have you covered!
 

What is TLS?
TLS stands for “Transport Layer Security.” It is a protocol that provides privacy and data integrity between two communicating applications. It’s the most widely deployed security protocol used today, and is used for web browsers and other applications that require data to be securely exchanged over a network. TLS ensures that a connection to a remote endpoint is the intended endpoint through encryption and endpoint identity verification. The versions of TLS to date are TLS v1.0, v1.1, and v1.2.

What’s changing and what do I need to do?
As part of our commitment to sector-leading security and in alignment with industry best practices set forth by the PCI Security Standards Council, Blackbaud is disabling TLS (Transport Layer Security) v1.0 encryption protocol across all its solutions on March 15, 2018.
This is an industry-wide change, required by the PCI Security Standards Council of all software vendors and payment processors.

Blackbaud Solutions
If you are on a Blackbaud cloud or hosted solution and receive upgrades automatically, your Blackbaud solutions are always current and always compliant – you will receive any needed changes to your solution automatically. However, if you are self-hosted or schedule your own upgrades, please go to www.Blackbaud.com/TLS to review what version of your solution you need to be on and make sure your organization has plans to adopt a compliant version before March 15, 2018.

Operating Systems and Browsers
In addition to ensuring you’re on the latest version of your Blackbaud solution, you also need to ensure you’re using compatible operating systems and browsers. The same requirement applies to your donors that are making transactions on your website. For a full list of compliant operating systems and browsers, visit Blackbaud.com/TLS.

After March 15th, you will not be able to log on to your Blackbaud solutions from a noncompliant operating system or browser. If your donors go to your website to make a donation and are running incompatible versions of their operating system or browser, their transaction will fail.

Ask your IT department to confirm your organization’s operating system and browsers are ready for TLS changes.

Still have questions? Don’t worry. As your technology partner, we’re here to help. Check out Blackbaud.com/TLS for all the information you need.
 
 
Posted by Holly Herbert on Oct 26, 2017 4:36 PM America/New_York

Leave a Comment

Log in to post a comment.

Can anyone suggest "language" that is user friendly when trying to communicate this to our donors?  I am guessing we should send email blasts about this in Luminate, but want it to be easily understood.  Any suggestions?  
  • Posted Thu 26 Oct 2017 04:50 PM EDT
Or a standardized paragraph to be added to donation pages?
  • Posted Thu 26 Oct 2017 05:04 PM EDT
Great questions, Marisa and Patricia! We will be posting a follow-up blog post with some helpful language and tips for communicating this information with your donors.
  • Posted Thu 26 Oct 2017 05:09 PM EDT
Will the follow-up post be emailed as well? 
  • Posted Thu 26 Oct 2017 05:46 PM EDT
Great question, Laura. I’ve reached out to the teams who are coordinating these messages and they said we will know more early next week. Once I know, I’ll let you know as well! 
  • Posted Thu 26 Oct 2017 07:09 PM EDT
What I really need are chip readers, when are those going to be available?
 
  • Posted Thu 26 Oct 2017 07:19 PM EDT
Could you please let me know specifically which Blackbaud software solutions are affected? Does it involve only transactions that are made on our webpage?
  • Posted Fri 27 Oct 2017 08:45 AM EDT
Hi June, you can find a full list of solutions, how they are impacted by this, and what you will need to do to prepare for it here: https://www.blackbaud.com/TLS
  • Posted Fri 27 Oct 2017 09:52 AM EDT
We are recent clients of RE and OLX. I will follow up with our IT from our end, but can you send me suggested simple language when ready? Thank you. 
  • Posted Fri 27 Oct 2017 11:41 AM EDT
Debra, we will definitely be blogging (like we did here) simple language that you can use with donors soon. I'm still tracking down if we will also send an email with everything in it.
  • Posted Fri 27 Oct 2017 11:46 AM EDT
>"For a full list of compliant operating systems and browsers, SEE BELOW"
Did you forget to append the list?
  • Posted Tue 14 Nov 2017 11:00 AM EST
Thanks for the catch, Kelley. I've updated the blog post with a reference link.
  • Posted Tue 14 Nov 2017 11:04 AM EST
How will Cybersource customers be affected, given their recent announcement that they are disabling TLS v1.0 and v1.1 by February 28th, 2018?
  • Posted Wed 24 Jan 2018 10:25 AM EST
Hi Mike! CyberSource should probably address that question, not us. :)
  • Posted Fri 26 Jan 2018 09:18 AM EST

Categories