O365 News: Security & Compliance Center is getting replaced

Office 365 Security & Compliance Center is getting replaced by 2 new sites:

The administrator experience will change, but this won’t impact your current security and compliance configurations.

The rollout happens February through March 2019.

Office 365 security: 3DES cipher comes to it’s end on February 28, 2019

As part of Microsoft’s plan to move all online services to TLS 1.2, they are retiring 3DES beginning February 28, 2019. As a result, connections using the ciper 3DES will not work.

You can get an overview of your TLS 1.0/1.1 and 3DES usage in Office 365’s Secure Score at http://securescore.microsoft.com

Remember that TLS 1.0 and TLS 1.1 are not supported since October 31, 2018. Fore more details see:


Office 365 will remove support for TLS 1.0 and TLS 1.1 starting October 31, 2018

As of October 31, 2018, Microsoft Office 365 will remove support for TLS 1.0 and 1.1. This means that if you have issues connecting to Office 365 services because of weaker protocols, no support tickets would be generated.

By October 31, 2018, all client-server and browser-server combinations should use TLS version 1.2 (or a later version) to ensure connection without issues to Office 365 services. This may require updates to certain client-server and browser-server combinations.

If you do not update to TLS version 1.2 (or later) by October 31, 2018, you may experience issues when connecting to Office 365. If you experience an issue related to the use of an old TLS version after October 31, 2018, you will be required to update to TLS 1.2 as part of the resolution.

The following are some clients that we know are unable to use TLS 1.2. Please update your clients to ensure uninterrupted access to the service.

•  Android 4.3 and earlier versions
•  Firefox version 5.0 and earlier versions
•  Internet Explorer 8-10 on Windows 7 and earlier versions
•  Internet Explorer 10 on Win Phone 8.0
•  Safari 6.0.4/OS X10.8.4 and earlier versions

Source: https://support.microsoft.com/en-us/help/4057306/preparing-for-tls-1-2-in-office-365

This change comes in the context where of all major web browsers, including Google Chrome, Apple Safari, Microsoft Edge, Internet Explorer, and Mozilla Firefox, altogether announced October 15, 2018 to remove support for TLS 1.0 (20-year-old) and TLS 1.1 (12-year-old) communication encryption protocols in the first half of 2020.

See the official articles here:

Google: https://security.googleblog.com/2018/10/modernizing-transport-security.html
Microsoft: https://blogs.windows.com/msedgedev/2018/10/15/modernizing-tls-edge-ie11/
Apple: https://webkit.org/blog/8462/deprecation-of-legacy-tls-1-0-and-1-1-versions/
Mozilla: https://blog.mozilla.org/security/2018/10/15/removing-old-versions-of-tls/