Protege GX cybersecurity changes: What you need to know
https://defsec.net.nz/2026/06/02/protege-gx-cybersecurity-changes/
Publish Date: 2026-06-01 22:33:00
Source Domain: defsec.net.nz
The first of a new series of quarterly updates. Image: ICT.
ICT has announced a new series of quarterly Protege GX updates aimed at delivering stronger protection by default. The first update is available now.
In the first of a new series of quarterly updates, Protege GX 4.3.402 receives bolstered security with stronger password defaults, encrypted connections (TLS 1.2/HTTPS), and a new path forward for browser-based access.
According to ICT, there are a few things you’ll need to do when upgrading existing sites. At a high level:
- Plan to upgrade server, clients, SOAP and web client together
- Confirm encrypted connections are in place before the upgrade
- Notify operators they’ll need to set a new password at next login
- Decide whether to upgrade the legacy Web Client or move customers to the new Web App
The headline rule: upgrade everything together. Server, clients, SOAP, and web client need to move at the same time. If they don’t, parts of the system won’t communicate.
What’s changing
Stronger passwords by default. ICT is tightening operator password requirements so every Protege GX system starts from a stronger baseline. After upgrading, operators will be prompted to reset their password the first time they log in — a quick, one-time step.
This applies to operator accounts used by SOAP integrations and mobile apps as well, so it’s worth identifying those ahead of time. Those applications will fail to connect until the passwords are updated.
Protege GX components will now only talk to each other over encrypted connections — TLS 1.2 between server, clients and SOAP service, and HTTPS for web client, entry station, and mobile app traffic.
“If your customers rely on specific Web Client features, the Protege GX Web App Installation Manual has the current feature comparison so you can decide which path fits each site.”
For sites already running encrypted communications, this is business as…