Securing the transport layer

March 30th, 2020
Deprecating older versions of TLS

Freshworks is committed to implementing and practicing security controls to ensure information systems and customer data used as part of our offerings are protected. 

Freshworks ended support for Transport Layer Security (TLS) 1.0 for our products in 2016 and at that time standardized support for TLS 1.1 and above. Since then, TLS 1.1 as a protocol has become outdated, as it does not support modern cryptographic algorithms and also exhibits known security vulnerabilities that are exploitable by attackers. The Internet Engineering Tasks Force (IETF) is planning to officially deprecate TLS 1.1 and recommend TLS 1.2 and above for secure use of Transport Layer security. 

Following the tenets of Freshworks philosophy of Security By Design & Default, as of 30th April 2020, TLS 1.1 will no longer be supported in  Freshworks products. This deprecation will reduce the attack surface and strengthen the security posture for both Freshworks and the hundreds of thousands of businesses relying on our products. Freshworks will continue to support TLS 1.2 to provide a higher degree of data integrity and to maintain compliance with the latest industry standards. 

Freshworks recommends all customers use modern, updated web browsers for accessing our SaaS products. All customer endpoints (browsers, mobile, API, etc..) will be required to support TLS 1.2 after April 30, 2020 date in order to securely access our services. 

For more information, please refer to our product-specific support articles for freshdesk, freshservice, freshchat, freshcaller and freshsales.
Reach out to support@freshworks.com  in case of any queries.
 

 

 

Securing the last mile

Last mile security is as critical as data centre or platform security and security is a shared responsibility in a cloud model. We recommend the following best practices that you could follow at your end to security of your data at your side.

Secure authentication 

You can enforce strong authentication mechanisms using our SAML services or tune-up the password rules from the admin console.

Role based access

 Enforce differential access based on the users’ responsibilities to limit access based on the principle of least privileged access and prevent conflict of interest.

Secure APIs

Update your APIs as and when we bring in new releases and notify you. 

Access Administration

Establish processes to provide appropriate access to your users and remove accesses that are no longer valid.

Custom SSL

The products come with the option of implementing custom SSL certificates that let you secure the solution for a safe and personalized experience.

IP Whitelisting

Establish authorized and exclusive connections by whitelisting your IP Addresses in our services.

For any suspected incidents on your freshworks portal, kindly contact security@freshworks.com