Scroll

Notification: Browser Vulnerability Alert - Update 9/28/2017

Important information regarding your iMedidata Access starting October 1, 2017

There will be changes to the Medidata Platform
which may stop your ability to access Medidata Applications
via iMedidata from an unsupported browser.

 

To ensure that our software operates with current security standards, Medidata’s products will only run on modern browsers that have Transport Layer Security (TLS) enabled, which is an industry standard protocol designed to protect the privacy of information communicated over the Internet.

If you are unable to upgrade your existing, unsupported, browser version at this time, you may be able to continue to use your existing browser if your browser settings can be changed to enable TLS 1.2.

What is not changing

  • Your account login and account credentials will remain the same.
  • Your bookmark, the link, or desktop icon which you utilize daily to access the iMedidata or Rave EDC system.

What you need to do

  • First, please contact your local IT/Desktop Support department to advise them that your existing browser needs to have its settings adjusted to enable TLS 1.2.
  • Read on for additional information on enabling TLS 1.2 on unsupported browsers.

Reference - Unsupported Browser Versions

  • Microsoft Internet Explorer - Versions older than 8.0 (IE6 and IE7)
  • Google Chrome - Versions older than 30.0
  • Firefox - Versions older than 24.0
  • Opera - Versions older than 17.0
  • Safari - Versions older than 7.0

If you need to update your browser, please visit one of these sites:

We’re here to help…

If you have any questions regarding these changes, or if you would like to test your newly upgraded browser, please contact our Medidata Help Desk.

***********

If you are unable to update your browser,

please keep reading...

 

Accessing Medidata Platform with old browser versions

A banner message similar to the one pictured here will be displayed at the top of the log-in page when accessing Medidata Platform with any of the outdated browsers listed below. (NOTE: If this banner message does NOT appear, your browser does NOT require upgrading at this time):

1.PNG


Safe/ideal browsers include the following (or newer) versions. These browsers may be used without any required action:

  • Microsoft Internet Explorer (IE) 11
  • Chrome 30 (latest versions)
  • Firefox 27
  • Opera 17
  • Safari 7

Please also note that although the banner message will not be displayed, browsers other than those listed above may require additional settings changes to correspond with future security changes.

The actions you may be required to take are dependent upon which browser version you are currently using.

  • Browsers that need to upgrade: Those listed above (Chrome <30, Firefox <27, IE <11, Safari <7, Opera <17)

These versions are required to upgrade to a ‘Safer’ browser version.  

  • Browsers which may be used with adjusted settings: IE 8-10, Firefox 24-26, some Google Chrome versions above 30, excluding latest versions

These versions should either be upgraded to a newer browser version or may still be used with some additional adjustments listed below.

*** If you wish to continue using one of these unsupported versions, please contact your local IT/Desktop Support department to assist in reviewing the instructions below and to change the TLS settings appropriately.

 

Internet Explorer Settings:

Confirm TLS setting and enable TLS1.2 in your browser

  1. Click the “Tools” icon in the top right corner and select ‘Internet options’.

* Alternatively, press the Alt key to bring up the menu, then click ‘Tools’ and select ‘Internet options’.

2: Go to the ‘Advanced’ tab on the right and scroll down to the Security section to confirm if “Use TLS 1.2” is selected. If not, please mark the check box and click on Apply before closing the window.

* If you are using IE8 on Windows Vista, you will only find the “Use TLS 1.0” check box. In this case, you should contact your organization’s IT department to upgrade the browser or OS to be compatible with TLS1.2 communication.

Confirm Go Daddy G2 root certificate is installed

3: From ‘Internet options’, go to the ‘Content’ tab and click on ‘Certificates’

 

4:Select the ‘Trusted Root Certification Authorities’ tab and confirm that ‘Go Daddy Root Certificate Authority – G2’ is listed.

* If your PC has Windows Update enabled, the latest versions of certificates are installed to your machine with Windows patches. In most cases, ‘Go Daddy Root Certificate Authority – G2’ will have already been installed. If you cannot find ‘Go Daddy Root Certificate Authority – G2’, please contact your organization’s IT team and follow their advice.

Mozilla Firefox Settings:

Confirm TLS setting and enable TLS1.2 in your browser

  1. After accessing Rave or iMedidata, click on the Padlock icon at the left side of the address bar, then click on the ‘More Information…’ button.

2: Click on the ‘Security’ icon and confirm your current TLS version.

If “TLS 1.2” is included in the list contained under ‘Technical Details’, then no further action is required and you may close the window.

If you do not see “TLS 1.2”, then please proceed to the next step.

3: To set-up TLS 1.2, enter the text “about:config” in the address bar on the browser and press Enter. Please make sure no spaces are entered.

4: An alert screen will appear but go ahead and click on the “I’ll be careful, I promise!” button.

5: The Configuration window will appear. In the Search bar, enter the text “security.tls.version” and press Enter.

6: Right click on “tls.version.min” and select Modify.

7: In the pop-up window, change the value to “1” and click OK before closing the browser.

* If ‘1’ is set for ‘security.tls.version.min’, TLS 1.0 / TLS 1.1 / TLS 1.2 are enabled.

Confirm Go Daddy G2 root certificate is installed

  1. Click the ‘Open menu’ icon at the top-right of the window, and select ‘Options’.

9. Select ‘Advanced’ from the left pane. Go to the ‘Certificates’ tab and click ‘View Certificates’

10. Select the ‘Authorities’ tab and confirm ‘Go Daddy Root Certificate Authority – G2’ is listed.

Google Chrome Settings:

If your browser is a version less than Chrome 30, please contact your local IT team to upgrade to the latest version permitted within your organization. After upgrading your browser, please check the TLS setting. If the upgraded browser does not use TLS1.2, you can enable it by following the instructions below.

* The latest browser versions enable TLS1.2 as default and you may not need to change your settings manually.

Confirm TLS setting and enable TLS1.2 in your browser

  1. After accessing Rave or iMedidata, click on the Padlock icon at the left side of the address bar, and then click on the ‘More Information…’ button.

2: Select the ‘Connection’ tab and confirm which version is being used for TLS communication.

If you do not see “TLS 1.2”, then please proceed to the next step.

 

3: Click the ‘Customize and control Google Chrome’ icon, then select ‘Settings’.

4: Click on ‘Show advanced settings…’ at the bottom of the page.

5: Click on ‘Change proxy settings…’ in the ‘Network’ section.

6: The ‘Internet Options’ window will be displayed.

Go to the ‘Advanced’ tab on the right and scroll down to the Security section to confirm if “Use TLS 1.2” is selected. If not, please mark the check box and click on Apply before closing the window.

* Please note that the window name may vary (e.g. ‘Internet Properties’) according to your browser version).

 

Confirm Go Daddy G2 root certificate is installed

  1. Click the ‘Customize and control Google Chrome’ icon and select ‘Settings’, then select ‘Show advanced settings’.

* These steps are exactly the same as those described in “Confirm TLS setting” section above. Then click ‘Manage certificates’.

8. Select the ‘Trusted Root Certification Authorities’ tab and confirm ‘Go Daddy Root Certificate Authority – G2’ is listed.

Please contact your local IT/Desktop Support if you experience any issues with the settings/upgrades or if you have any questions.

Was this article helpful?
7 out of 9 found this helpful
Have more questions? Submit a request

Comments: 1

  • 0
    Avatar
    Jennifer Eolin

    This article has been updated: 9/28/2017