Keeping Your Provider Connections Secure

The Internet seems to be awash with notifications of security vulnerabilities and leaking of details these days. A lot of these vulnerabilities have been based around the SSL and TLS encryption protocols, which are starting to get a bit long in the tooth now. SSL was first invented in 1994, and TLS in 1999, and as time marches on, the earlier versions of these protocols are slowly but surely being replaced with newer ones.

Product Providers are constantly altering the security requirements on their websites and web services and dropping support for the older protocols, meaning that if your computer does not support the newer protocols and is not configured correctly, you will not be able to use these websites and services, including Contract Enquiry.

Last year, we recommended that users disable the early protocol versions for SSL and TLS, and only use TLS 1.2 as this is really the only secure protocol left in the SSL/TLS family. All others have been compromised. Unfortunately, Product Providers have not been quite so pro-active in either adopting the new versions, or dropping old versions, and this has led to some users being unable to connect to certain Providers.

With this in mind, our latest recommendations are a little bit more pragmatic.

1/ Disable all SSL protocols (SSL 2.0 and SSL 3.0)
     SSL is now deemed to be an insecure protocol, and can be easily compromised. Whilst a few platforms and providers still support SSL, they all support newer protocols, so there is no requirement to use these ever again.

internet options tls

2/ Enable all TLS protocols (TLS 1.0, TLS 1.1 and TLS 1.2)
    TLS 1.2 is the only remaining secure protocol, however there are a number of providers and plaforms that have still not adopted either TLS 1.1 or TLS 1.2. Therefore, to ensure that you can still connect to all providers and platforms you will need to be able to use all three of these protocols.

By having all three TLS protocols enabled, your computer will always attempt to connect using the latest and greatest, and downgrade only as required based on the remote server.

The above settings can easily be located in Windows 10 by clicking on the Windows "Start" button and typing "Internet Options". Once you open Internet Options, click on the "Advanced" tab and scroll all the way down to the bottom of the settings list. Simply select/de-select the boxes mentioned above and then click the 'Apply' and 'Ok' buttons to save the changes.

If you were experiencing issues with connections before this, you may need to restart JCS and any web browser sessions before trying again. 




0345 Geographic Numbers

We are pleased to confirm that following a recent review by Ofcom of geographic and non-geographic call number charging transparency, JCS has followed their recommendations and has adopted an 0345 number to ensure that our customers do not get hit by hidden call charges.

Our numbers remain the same but now have prefix of 0345. The 0845 number will still work but our recommendation is for you to start using the 0345 number. For most customers an 0345 number is cheaper than using an 0845 number.


Changes to NHS Pensions in 2015
In April 2015, NHS pension schemes will be changing. At the time of this article, the final details had not been finalised by the NHS, but the main changes can be found here.

SSLv3 POODLE Vulnerability

Another month and another security vulnerability has hit the Internet. This time the vulnerability in question is SSLv3 POODLE, which could allow attackers to downgrade an encrypted communication with a web server and steal information such as cookies.

Shellshock Vulnerability

This week the world was informed of another wide scale vulnerability in Linux and embedded systems. The vulnerability could allow a remote user to execute arbitrary commands on a compromised system, which could allow the attacker to reveal protected information.