As an admin for a Salesforce org that has received our previous communications around the TLS 1.0 disablement, we want to notify you that the Salesforce TLS 1.0 disablement date has been extended to July 22, 2017.
Why is Salesforce extending the disablement date?
The disablement of TLS 1.0 is being undertaken so we can maintain the highest security standards and promote the safety of your data as well as align with industry-wide best practices.
To ensure customers are comprehensive in their preparation and take all necessary steps to accommodate this change, including assessment of third-party integrations, we’ve decided to extend the TLS 1.0 disablement deadline to July 22, 2017.
What action do I need to take?
Identify users and integrations using TLS 1.0 and ensure those connections are ready to support TLS 1.1 and higher by July 22, 2017.
Check out the TLS 1.0 Disablement Readiness Checklist (login required) for best practices on how to prepare for this change. You will continue to receive targeted reminders with guidance and best practices for upgrading to the recommended security protocols.
How can I identify users or integrations still using TLS 1.0?
During the Summer '16 release, Salesforce introduced the "TLS Protocol" and "TLS Cipher Suite" fields into the Login History object to help customers prepare for the TLS 1.0 disablement. Admins can add these fields to the Login History report to identify users or integrations still using the TLS 1.0 encryption protocol. These fields can also be added to the standard login history administrative report as well as List Views on the Login History page. For a complete walk-through of running the Login History report to identify TLS 1.0 connections watch our Login History demo. Read the Monitor Login History article for more information.
NOTE: All users can access their own login history data. However, only admins with the "Manage Users" permission can access login history for all users in their org. If you do not have the "Manage Users" permission enabled for your user account, coordinate with another admin in your org or to run login history reports.
How can I get more information?
We are running weekly webinars through the new disablement date. Register here for any of the upcoming webinars to hear directly from our security experts about this change and ask any questions you may have about the upgrade process.
Review the Salesforce disabling TLS 1.0 article and post any questions to the Official: Salesforce Infrastructure Success Community group. For a brief overview of the TLS 1.0 disablement and some best practices, you can also watch the TLS 1.0 in 6 Minutes video.
For additional questions, open a case with Support via the Help & Training portal.