Security Upgrade - TLS 1.0

We're improving the security of our systems

What is changing?

TLS ensures that connections made across the internet are secure and data can only be read by authorised users. The TLS 1.0 encryption protocol is being disabled across the Rushcliff suite of products in favour of requiring TLS 1.1 and TLS 1.2 to be used.

Why is this happening?

Data security and integrity are top priorities for Rushcliff. As part of our ongoing commitment to ensuring all Rushcliff products are secure TLS 1.0 is being disabled and either TLS 1.1 or TLS 1.2 will be required when accessing remote resources.

This follows the decision by the PCI security standards council to declare TLS 1.0 as insecure as a result of potential vulnerabilities that have been identified.

Click for further details on the TLS 1.0 vulnerabilities

TLS encrypts information between two points to provide privacy and security of data transmitted and has been in place for many years however several potential vulnerabilities have now been identified by security researchers that would allow attackers to intercept data from secure connections.

TLS 1.0 no longer meets the required criteria to be considered strong cryptography methods and should no longer be used as a security control. Rushcliff has taken a similar decision to many other companies in disabling the use of TLS 1.0.

When will this happen?

Rushcliff will be disabling TLS 1.0 on PPS Local, PPS Sync Server, PPS Activity Manager, PPS Express, PPS Remote and PPS Online Booking on 1st June 2016.

How will this affect me?

Some products or services will be will either be fully or partially unavailable on devices that are incompatible with TLS 1.1 or TLS 1.2. Please see below for information on how the different Rushcliff products will be affected.

If you use the products below this section applies to you:

PPS Local, PPS Sync Server and PPS Activity Manager

Operating systems which are no longer supported: Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008

Following TLS 1.0 being disabled certain functionality that relies on connection to remote resources, such as Rushcliff's servers, will no longer be possible from machines that are not compatible with TLS 1.1 or TLS 1.2:

PPS Sync Server will no longer function.
PPS Activity Manager will no longer function.
The PPS Online Booking Admin Module will no longer be able to connect.
PPS Local licence checking will not work - systems paid for monthly will not be able to update their licence and as such will expire and be inaccessible.
PPS updates will not be available to download preventing systems from being updated to new versions of PPS.
Physiotec will no longer be able to connect through PPS.
Physiotools will no longer be able to connect through PPS.

Due to the reduction in functionality listed above combined with the end of/reduction in support from Microsoft for the above operating systems, PPS Support will only be provided for how-to questions on these operating systems.

Warning - you may need to upgrade your operating system.
You use Unknown. If you are viewing this page on a non-Windows system, you can disregard this message.
If you use PPS Local, PPS Sync Server or PPS Activity Manager through Windows emulation software, such as Parallels or Fusion, the emulated Windows machine needs to be compatible with TLS 1.1 or TLS 1.2. Please reload this page within the emulated machine.

What action do I need to take?

If your operating system is still supported then you do not need to take any action. If your operating system is no longer supported then you may need to upgrade your operating system. Upgrading your operating system may involve either updating or replacing existing machines, your I.T. specialist will be able to provide more information on the options available.

It will be necessary to setup PPS on any new PC's replacing existing machines, the guides below detail the process of moving the PPS database to a machine and setting up a network version of PPS.

How To Move PPS To A New PC

Installing A Network Version

If you use the products below this section applies to you:

PPS Express, PPS Remote and PPS Online Booking

Operating systems which are no longer supported: Windows XP, Windows Vista, Server 2003, Server 2008, OS X 10.8 Mountain Lion and below, Android 4.3 Jelly Bean and below, iOS 4 and below

PPS Express, PPS Remote and PPS Online Booking will be inaccessible from browsers that are not compatible with TLS 1.1 or TLS 1.2
The operating system of the device will need to be updated in order to retain the ability to access these systems.

Patients booking appointments online will no longer be able to so from devices that are not TLS 1.1 or 1.2 compatible. Whilst this change does mean a small number of users may be unable to access Online Booking it is necessary to ensure the system is secure for the vast majority that already use compliant devices.

What action do I need to take?

If your browser is still supported then you do not need to take any action. If your browser is no longer supported it will be necessary to use a browser that supports TLS 1.1 or 1.2. It may be possible to update the current browser on a device to a compatible version or install an alternative browser on the device; if this is not possible a new device may be required. Your I.T. specialist can provide additional information on updates and devices available.

We have tried to cover all bases, however we do understand there may be some specific circumstances which are not included, if you have any further questions please contact us via support@rushcliff.com and we can advise where possible.

PPR Express, PPS Remote and PPS Online Booking Web Browser Compatibility

The table below shows information on browsers that do not support TLS 1.1 or TLS 1.2 and as such will be unable to access PPS Remote, PPS Express and PPS Online booking after 1st June 2016.

Browser	Compatibility Notes
Microsoft Internet Explorer (IE)
Desktop and mobile IE version 11	Compatible with TLS 1.1 or higher by default
Desktop IE versions 8, 9, and 10	Compatible only when running Windows 7 or newer, but not by default.
Desktop IE versions 7 and below	Not compatible with TLS 1.1 or higher encryption.
Mobile IE versions 10 and below	Not compatible with TLS 1.1 or higher encryption.
Microsoft Edge	Compatible with TLS 1.1 or higher by default.
Mozilla Firefox Compatible with the most recent version, regardless of operating system.
Firefox 27 and higher	Compatible with TLS 1.1 or higher by default.
Firefox 23 to 26	Compatible, but not by default. Use about:config to enable TLS 1.1 or TLS 1.2 by updating the security.tls.version.max config value to 2 for TLS 1.1 or 3 for TLS 1.2.
Firefox 22 and below	Not compatible with TLS 1.1 or higher encryption.
Google Chrome Compatible with the most recent version, regardless of operating system.
Google Chrome 38 and higher	Compatible with TLS 1.1 or higher by default.
Google Chrome 22 to 37	Compatible when running on Windows XP SP3, Vista, or newer (desktop), OS X 10.6 (Snow Leopard) or newer (desktop), or Android 2.3 (Gingerbread) or newer (mobile).
Google Chrome 21 and below	Not compatible with TLS 1.1 or higher encryption.
Google Android OS Browser
Android 5.0 (Lollipop) and higher	Compatible with TLS 1.1 or higher by default.
Android 4.4 (KitKat) to 4.4.4	May be compatible with TLS 1.1 or higher. Some devices with Android 4.4.x may not support TLS 1.1 or higher.
Android 4.3 (Jelly Bean) and below	Not compatible with TLS 1.1 or higher encryption.
Apple Safari
Desktop Safari versions 7 and higher for OS X 10.9 (Mavericks) and higher	Compatible with TLS 1.1 or higher by default.
Desktop Safari versions 6 and below for OS X 10.8 (Mountain Lion) and below	Not compatible with TLS 1.1 or higher encryption.
Mobile Safari versions 5 and higher for iOS 5 and higher	Compatible with TLS 1.1 or higher by default.
Mobile Safari for iOS 4 and below	Not compatible with TLS 1.1 or higher encryption.