At Blackbaud, your security is our priority. Your organization may need to take action to ensure that your software solutions are compliant and your payment processing capabilities remain secure!|
As the cloud software partner to many leading social good organizations, we have world-class security, privacy, and risk management teams that work around the clock every day to ensure that your data is safe and accessible to you.
As part of our commitment to sector-leading security and in alignment with industry best practices set forth by the PCI Security Standards Council, Blackbaud is disabling TLS (Transport Layer Security) 1.0 encryption protocol across all its solutions on March 15, 2018 which will require an upgrade to TLS 1.1 or higher prior to that date. If you are on a Blackbaud cloud or hosted solution and receive upgrades automatically, you are always current and always compliant. However, there is information you will need to relay to your constituents.
Your organization will need to take action to ensure that your Blackbaud solutions continue to be compliant, specifically that the payment processing capabilities in your solutions remain secure. But don’t worry! We’re giving you ample time to prepare and a wealth of resources to keep the process simple and painless. Prior to March 15, 2018:
- Ensure that you have upgraded to TLS v.1.1+ accepted Blackbaud products.
See versions of Blackbaud products that support TLS v.1.1+
- Ensure that your OS and browsers have been upgraded to support TLS v1.1+.
See operating systems and browsers that support TLS v.1.1+
- Notify your constituents to upgrade their OS and browser to TLS v.1.1+ supported versions, to ensure continuity of communications and transactions. For example, donors, patrons, parents and students accessing donor pages, store fronts, community pages and online registration pages hosted within on-premise environments are susceptible to vulnerability and connectivity issues if they do not upgrade their OS and browser to support TLS v.1.1+
- If you are a Blackbaud customer, please use this form to let us know the status of your TLS compatibility upgrade. To remain PCI-compliant and to ensure your data is safe, Blackbaud is deprecating TLS 1.0 in all solutions on March 15, 2018. In order for us to assist you and confirm that you are prepared for the depreciation deadline, please complete this form as soon as possible!
What is TLS?
TLS stands for “Transport Layer Security.” It is a protocol that provides privacy and data integrity between two communicating applications. It’s the most widely deployed security protocol used today, and is used for web browsers and other applications that require data to be securely exchanged over a network. TLS ensures that a connection to a remote endpoint is the intended endpoint through encryption and endpoint identity verification. The versions of TLS to date are TLS v.1.0, v.1.1, and v.1.2.
What is changing and why?
Blackbaud is committed to maintaining the highest security standards in our solutions to ensure that customers have access to the latest security protocols. Per the PCI Council, TLS v.1.0 will be considered obsolete and a PCI violation by June 30, 2018. The TLS encryption protocol upgrade is a mandatory, industry-wide security update, mandated by the PCI Security Standards Council and affecting a wide range of software solutions in your environment, not just Blackbaud solutions.
How does this impact me?
Blackbaud is requiring customers to upgrade to versions of their products that support TLS v.1.1 or higher by March 15, 2018. On that date, Blackbaud will begin disabling the TLS v.1.0 encryption protocol in our solutions, so Blackbaud can complete development and testing prior to the PCI Council’s June 30, 2018 deadline. After March 15, 2018, customers still using TLS v.1.0 will not be able to access some of their Blackbaud solutions.
I have a hosted or cloud Blackbaud solution. Does this impact me?
For customers of our cloud solutions (such as Raiser’s Edge NXT, Financial Edge NXT, Luminate CRM, eTapestry, and Altru), you are always current and always compliant. We have or will soon automatically release TLS v1.1+ compliant versions of your solution and you don’t need to take steps to upgrade your software. The same is true if you are on hosted versions of Raiser’s Edge 7 or Financial Edge 7. Customers hosted on Blackbaud CRM/Blackbaud Internet Solutions where upgrade schedules are determined by customers, need to ensure that their software has been upgraded to a version that is TLS v.1.1+ compliant.
However, you will need to ensure that your OS and browsers have been upgraded to support TLS v1.1+, and you need to notify your constituents of this as well. See below for the actions you need to take.
What will happen if we don’t upgrade?
After Blackbaud begins to disable TLS v.1.0 on March 15, 2018, if you haven’t made the required updates, you will no longer be able to access some or all of your Blackbaud solutions and services that rely on TLS v.1.0; they will fail. This will impact a number of Blackbaud solutions, including access to websites.
See examples of connectivity issues both hosted and on-premise clients will experience if they do not upgrade their OS and browser to support TLS v.1.1+.
How will my donors and constituents be impacted?
If you don’t upgrade to a version of your Blackbaud solution that supports TLS v.1.1 prior to the March 15, 2018 deadline, not only would you not be able to access your Blackbaud solutions, but your constituents, including donors, may not be able to access your websites and/or process donations/payments.