Scroll

Important Changes to Medidata Web Services Rescheduled for January 6, 2018

NOTICE: Medidata Rave Web Services Change

Has Been Re-Scheduled for January 6, 2018

This is to notify you that the changes to Medidata Web Services (which include Rave Web Services, system integrations and browser access to Rave instances) have been scheduled to occur Saturday, January 6, 2018. 

Please make sure to "follow" this article for any additional updates. (The "follow" button is just under the title of this article near the right margin.)

 

Summary of Event

As part of Medidata's commitment to our customers, we will be improving the security of Medidata's Web Services (which includes Rave Web Services, system integrations and browser access to Rave instances) on Saturday, January 6th, 2018.

 

How is the security being increased?

Medidata will be disabling older, vulnerable encryption algorithms as well as updating load balancers for Rave and Rave Web Services. As a result, any custom client applications integrated with Medidata platform web services must use newer encryption algorithms to access Medidata applications.

 

How do I know if this affects me?

If you are using operating systems or configurations considered obsolete, your access to our platform will be impacted as of January 6th, 2018.

 

How do I update the algorithms? Who should I contact?

The systems which connect to the Medidata platform are enormously varied from customer to customer, so we ask that you contact your Systems Administrator and alert them to our upgrade.

If you use a third party, it's critical to let them know as their environment probably supports multiple customers and may add some complexity to the changes.

Additionally, make sure your platform supports TLS 1.2. Also, you may need to adjust the configuration of any network equipment, such as load balancers, in the environment which brokers transmissions to Medidata.

To assist Clients with verifying their platform supports TLS 1.2 Medidata has created a test Rave instance for checking TLS 1.2 compatibility which includes the removal of 3DES cipher suites. System administrators can test integration software and API connectivity using https://secops-rave-test.mdsol.com.

This test Rave URL has been configured to accept only TLS 1.2 connections. Establishing an HTTPS connection to the web service constitutes a successful test. Credentials are available, however not required for successful testing.

All clients and integration partners should ensure that their browsers and integration software support the TLS v1.2 protocol by default. Therefore, we recommend enabling TLS v1.2 support as part of this effort to upgrade from TLS 1.0 with 3DES support.

The web services software for API calls must support TLS 1.2 by default for all calls initiated by the client. Most current integration software supports v1.2, but it may have to be enabled first in the configuration. Current software excludes versions no longer supported by the software vendor or systems that are not up-to-date with security patches. Please check with the specific software vendor. TLS 1.2 support varies depending on the software and version used for initiating web services.

 

Resources

 

And as always, our Medidata Help Desk is available 24/7 to help you get your system up to date. You may contact our Help Desk via the phone or email us at helpdesk@mdsol.com.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments: 3

  • 0
    Avatar
    Jennifer Eolin

    UPDATE - 11/21/2017: We have added a link that will allow your Systems Administrator to run tests: https://secops-rave-test.mdsol.com.

  • 0
    Avatar
    Jennifer Eolin

    UPDATE - 12/1/2017 - This is to notify you that the changes to Medidata Web Services (which include Rave Web Services, system integrations and browser access to Rave instances) scheduled to occur Saturday, Dec 2nd has been postponed to accommodate all Clients in an effort to ensure a smooth transition. Please read the full article in Help Center for all details.

  • 0
    Avatar
    Jennifer Eolin

    UPDATE - 12/8/2017 - 

    NOTICE: Medidata Rave Web Services Change

    Has Been Re-Scheduled for January 6, 2018

    Please read the full article in Help Center for all details.