NOTICE: Medidata Rave Web Services Change
Has Been Re-Scheduled for January 6, 2018
This is to notify you that the changes to Medidata Web Services (which include Rave Web Services, system integrations and browser access to Rave instances) have been scheduled to occur Saturday, January 6, 2018.
Please make sure to "follow" this article for any additional updates. (The "follow" button is just under the title of this article near the right margin.)
Summary of Event
As part of Medidata's commitment to our customers, we will be improving the security of Medidata's Web Services (which includes Rave Web Services, system integrations and browser access to Rave instances) on Saturday, January 6th, 2018.
How is the security being increased?
Medidata will be disabling older, vulnerable encryption algorithms as well as updating load balancers for Rave and Rave Web Services. As a result, any custom client applications integrated with Medidata platform web services must use newer encryption algorithms to access Medidata applications.
How do I know if this affects me?
If you are using operating systems or configurations considered obsolete, your access to our platform will be impacted as of January 6th, 2018.
How do I update the algorithms? Who should I contact?
The systems which connect to the Medidata platform are enormously varied from customer to customer, so we ask that you contact your Systems Administrator and alert them to our upgrade.
If you use a third party, it's critical to let them know as their environment probably supports multiple customers and may add some complexity to the changes.
Additionally, make sure your platform supports TLS 1.2. Also, you may need to adjust the configuration of any network equipment, such as load balancers, in the environment which brokers transmissions to Medidata.
To assist Clients with verifying their platform supports TLS 1.2 Medidata has created a test Rave instance for checking TLS 1.2 compatibility which includes the removal of 3DES cipher suites. System administrators can test integration software and API connectivity using https://secops-rave-test.mdsol.com.
This test Rave URL has been configured to accept only TLS 1.2 connections. Establishing an HTTPS connection to the web service constitutes a successful test. Credentials are available, however not required for successful testing.
All clients and integration partners should ensure that their browsers and integration software support the TLS v1.2 protocol by default. Therefore, we recommend enabling TLS v1.2 support as part of this effort to upgrade from TLS 1.0 with 3DES support.
The web services software for API calls must support TLS 1.2 by default for all calls initiated by the client. Most current integration software supports v1.2, but it may have to be enabled first in the configuration. Current software excludes versions no longer supported by the software vendor or systems that are not up-to-date with security patches. Please check with the specific software vendor. TLS 1.2 support varies depending on the software and version used for initiating web services.
- Attacks on 64-Bit Block Ciphers in TLS and Open VPN
- Protocol Testing Tool: Proposed & Current Cipher Suite Orders
- Microsoft’s Upgrade: