Are You Doing Enough to Protect Your Applications and Data?
Industry changes are requiring application developers and IT administrators to up their security game
By Roger Andrews, CTO and Synergy/DE Architect
There are already a crazy number of security threats to enterprise applications, and it’s only going to get worse. It’s more important than ever to keep your software and systems current. There are two big changes coming soon that will impact the security of enterprise applications on Windows. Later this year, OpenSSL will end support for versions prior to 1.1.1. And next January, Microsoft will end support for Windows 7 and Windows Server 2008 R2. Application developers and IT administrators need to think security first and stay vigilant to keep their systems safe.
OpenSSL is increasing security level
OpenSSL is an industry-standard software library that applications use to secure network communications. This open-source library is continually updated to increase security and fend off new threats. Synergex uses OpenSSL to implement data encryption in its network communication products: xfServer, xfServerPlus, the HTTP document transport API, and SQL Connection. OpenSSL released version 1.1.1 last September, and later this year, it’ll end support for versions prior to 1.1.1. If you use the encryption features in these Synergy/DE products on Windows, you will need to upgrade to Synergy/DE 11. See OpenSSL’s release strategy page and 1.1.1 announcement blog for more information. Note that on non-Windows platforms, OpenSSL is shipped as part of the OS, and some manufacturers may not update to OpenSSL 1.1.1. As long as the manufacturer supports the OS and provides security patches for it—and you keep up with those security patches—your system should remain secure.
Microsoft is ending support for Windows 7 and Windows Server 2008 R2
Windows 7 and Windows Server 2008 R2 were released almost ten years ago, and Microsoft will end support for them on January 14, 2020. After that date, Microsoft will not provide security updates for these operating systems, which will make them extremely vulnerable to security risks. Microsoft strongly encourages you to move to Windows 10 and Azure to keep your systems safe. Consumer Reports quotes Vyacheslav Zakorshevsky, head of anti-malware research at Kapersky labs, who says “When someone is using an outdated version of the operating system, this increases their risk of being attacked through an exploit: a program, piece of code, or even some data designed to take advantage of a bug in an application.” And earlier this month, the NSA even issued an advisory about a specific threat called BlueKeep, which can affect Windows 7 and other older Windows versions.
Synergy/DE 11 delivers security enhancements
Just as we encourage application developers to think security first, Synergex has made security one of its top priorities, and is committed to providing you with tools that enable you to make your applications secure. Synergy/DE 11, now available in beta, includes these important security enhancements:
- Enhanced encryption security for the HTTP API, xfServer, xfServerPlus, and SQL Connection.
- Support for OpenSSL 1.1.1, which will be an industry requirement on Windows when OpenSSL stops supporting lower versions later this year.
- Enforcement of a higher TLS level. Synergy/DE 11 defaults to TLS 1.2, and TLS 1.0 is no longer supported.
- Ability for xfServer and xfServerPlus services to run as non-root/admin accounts via the new “run as user” security mode on Windows and “effective user” on Unix.
Stay current and secure
Application developers and IT administrators owe it to their users to keep their systems secure (and their future business success depends on it). Those of you in industries that dictate your security standards have an even higher level of obligation. If you use the encryption features in any of our network products on Windows, you will need Synergy/DE 11 security to meet your industry requirements.
In addition to these big industry changes mentioned above, Windows, Linux, and other platforms frequently release security-related updates. One of the easiest things you can do to stay secure is to keep current with these operating system updates.
Keep in mind that upgrading to Synergy/DE 11 does not require you to recompile your applications. As long as they were built with Synergy/DE 10.1.1 or higher, your applications will run just fine with Synergy/DE 11. (If they were built with an older Synergy/DE version, you should recompile them. Synergy/DE 10.1.1 is the lowest Synergy/DE version with a supported OpenSSL version.)
For more information about Synergy/DE 11, see the Synergy/DE 11 beta page.