Securing the transport layer
March 30th, 2020
Deprecating older versions of TLS
Freshworks is committed to implementing and practicing security controls to ensure information systems and customer data used as part of our offerings are protected.
Freshworks ended support for Transport Layer Security (TLS) 1.0 for our products in 2016 and at that time standardized support for TLS 1.1 and above. Since then, TLS 1.1 as a protocol has become outdated, as it does not support modern cryptographic algorithms and also exhibits known security vulnerabilities that are exploitable by attackers. The Internet Engineering Tasks Force (IETF) is planning to officially deprecate TLS 1.1 and recommend TLS 1.2 and above for secure use of Transport Layer security.
Following the tenets of Freshworks philosophy of Security By Design & Default, as of 30th April 2020, TLS 1.1 will no longer be supported in Freshworks products. This deprecation will reduce the attack surface and strengthen the security posture for both Freshworks and the hundreds of thousands of businesses relying on our products. Freshworks will continue to support TLS 1.2 to provide a higher degree of data integrity and to maintain compliance with the latest industry standards.
Freshworks recommends all customers use modern, updated web browsers for accessing our SaaS products. All customer endpoints (browsers, mobile, API, etc..) will be required to support TLS 1.2 after April 30, 2020 date in order to securely access our services.
For more information, please refer to our product-specific support articles for freshdesk, freshservice, freshchat, freshcaller and freshsales.
Reach out to support@freshworks.com in case of any queries.
Securing the last mile
Last mile security is as critical as data centre or platform security and security is a shared responsibility in a cloud model. We recommend the following best practices that you could follow at your end to security of your data at your side.