A Big Security Update is Coming to Webmail
Stronger TLS standard is meant to better protect your data
An important security update is coming soon to Webmail, Arvig’s email service.
What follows is a detailed overview of the changes ahead: What they are, why they’re needed and what you should do to avoid potential service interruptions and issues.
The good news is, most users running updated browsers and email apps won’t notice a change. Users on older technology, however, are most likely to be affected. Even so, there’s still time to prepare, and it’s simple.
At the ground level, the changes underway involve an upgrade to the protocol that allows internet-connected devices to securely exchange information over the internet.
The update isn’t an internal process that Arvig can control. Moving the change forward is the vendor Arvig uses to provide Webmail email service. It’s something that the service provider is implementing across the platform for all its customers in an effort to improve security and better protect your data and email communication.
The technical details: TLS and your personal data
The protocol—called Transport Layer Security—sets the standard for how that data is safely transmitted between devices without it being vulnerable or exposed to anyone.
Any time you make an online purchase, send an email, complete an online banking transfer or otherwise exchange sensitive data, you’re benefiting from TLS security, because it ensures that your data is encrypted, or protected from being read, intercepted or accessed by outside audiences.
TLS is adopting a new, more improved and more secure standard—and it’s being rolled out across the digital spectrum, including by apps like your browser and email client. As a result, the older, less secure standards—known as TLS 1.0 and 1.1—are slowly being phased out in favor of TLS 1.2 and TLS 1.3.
Companies everywhere—such as Microsoft, Google, Amazon, Apple and now the host of Arvig’s email service, Atmail—(or Webmail, as you know it) are all ensuring their products use this new standard because the weaker, outdated protocols leave sensitive customer data potentially at risk.
Atmail has informed Arvig that support for the older TLS versions will end in January 2022.
What a children’s book teaches us about modern data security
Here’s what all this means for you, the user. In the coming months, Webmail will end support for applications using TLS 1.0 and 1.1. In this case, that will affect older versions of email clients such as Microsoft Outlook and Apple Mail and browsers such as Google Chrome, Safari, Internet Explorer, Firefox and others.
Browsers and email clients still running TLS 1.0 and 1.1 will no longer be supported by Webmail. They might still function—you might still be able to send and receive messages, but your email communications will be highly vulnerable to hacking or data theft. Without support no longer in place for these older systems, it’s like leaving the front door unlocked—hackers could walk right in.
Remember the Three Little Pigs in the fable about the big bad wolf and the houses built of straw, sticks and bricks?
The users still hanging on to TLS 1.0 and 1.1—by using old browsers and outdated apps—are like the pigs in the straw and stick houses. What happened in the old tale? The big bad wolf huffed and puffed and blew their houses down—and a hacker could do the same with your email data if you’re still relying on a weaker security framework.
Be like the third little pig, and make sure you move into the brick house.
These days, migrating is pretty simple. Most browsers—Chrome, Edge, Safari, Firefox—and apps like Outlook will automatically update, as long as your device is connected to the internet, you follow software update prompts and you regularly restart your device.
Older operating systems such as Windows 7 and 8, or previous versions of Mac OS might not run newer versions of Outlook or Apple Mail. These older systems are particularly vulnerable to attack because they can’t support newer security protocols. In that case, you might want to consider upgrading your operating system.
If you need Webmail-related help, see our page here for helpful user guides, how-to videos and other free resources. This online tool will analyze your browser for TLS support and other vulnerabilities. For a list of supported browsers and email apps, click here.
We want the new TLS security rollout to go as smoothly as possible for our Webmail customers. The best way to avoid problems and ensure you have a good user experience—and the best available security—is to make sure you’re running an updated operating system, browser and email app.
Editor’s note: Ketelhut is Manager of Technical Operations at Arvig.