As you will no doubt be aware, security on the internet is an ever evolving activity, and as such TLS1.0 is actively being retired from many services. This is due to known vulnerabilities that directly impact the integrity and security of communications, and these vulnerabilities are unable to be fixed in this older version of TLS.
MYOB is dedicated to ensuring the security of our client's data and in 2017 our API infrastructure was upgraded to support TLS1.1 and TLS1.2 while allowing TLS1.0 connections as a fallback. Now is the time for us to remove this fallback, so as of 30th September 2018 the MYOB API will no longer accept connections using TLS1.0.
What will happen?
If you are using TLS1.0 and you choose to do nothing, your TLS1.0 calls to our API will be blocked and will fail. These calls will be considered insecure and will be blocked at the gateway.
What do I need to do?
You need to upgrade your infrastructure to ensure your API calls are using TLS1.1, TLS1.2 or greater, you will no longer be able to use on SSL3 or TLS1.0. Your teams will need to look at the impact of this and the change required for your calls to the MYOB API.
Once you update your servers to support TLS1.1 or greater, there is nothing else to change.
I use the .NET SDK what do I need to do?
Technically, nothing provided the underlying .NET framework you are using is setup to use TLS1.1 or TLS1.2 you are fine. The SDK will rely on your framework. However, it's as good a time as any to suggest making sure you are up-to-date with the SDK - download it here.