AKO security changes block access for some; users urged to take action
July 8, 2010
A recent series of beind-the-scenes security changes at Army Knowledge Online has caused some users to no longer be able to access the web-based portal.
While the AKO team is working diligently to identify the issues and provide suggested ways to overcome them, users who are having access issues are advised to read the information below and take action as necessary.
<b>Conversion to NIST/NIAP-approved Secure Sockets Layer (SSL) encryption FAQ</b>
<b>Q: Why are these changes being made' </b>
A: Army Reg 25-2, Sec 6-1B requires that all Unclassified and Sensitive Information systems use NIST/NIAP-approved SSL. AKO/DKO is making changes to support this requirement.
<b>Q: How do I know if I need to make these changes'</b>
A: If you use Microsoft Internet Explorer 6 or higher go to: Tools > Internet Options> Advanced Tab, scroll down to the Security section. If the "Use TLS 1.0" option is checked, you do not need to do anything. If it is not, check it and click OK.
If you use Mozilla Firefox, go to: Tools > Options > Advanced > Encryption. If the "Use TLS 1.0" box is checked, you do not need to do anything. If it is not, check it and click OK.
<b>Q: What do I need to do to make my browsers compliant' </b>
A: If you use Microsoft Internet Explorer 6 or higher , verify it is configured correctly. To do that, go to: Tools > Internet Options> Advanced Tab, scroll down to the Security section and ensure that the "Use TLS 1.0" option is checked, then click OK. If this option is not available, please ensure you have the latest updates for Microsoft Internet Explorer and then try again.
If you use Mozilla Firefox, go to: Tools > Options > Advanced > Encryption and ensure that the "Use TLS 1.0" box is checked, then click OK.
<b>Q: What happens if I don't make these changes'</b>
A: You will not be able to access AKO or any of its related services (e.g., IM, Webmail, files).
<b>Q: What is SSL'</b>
A: SSL, which stands for Secure Sockets Layer, is a commonly used method for managing the security of a message transmission on the Internet.
<b>Q: How can I talk with someone about this'</b>
A: You can call the Army Enterprise Service Desk 24x7 at 866-335-ARMY (866-335-2769).
<b>Q: What about non-Web browser services like IMAP/POP'</b>
A: All AKO/DKO Services like Portal, Webmail, and IM as well as e-mail based services like IMAP and POP will use only NIST/NIAP-approved SSL algorithms. Check your application's vendor documentation to ensure it is capable of using NIST/NIAP-approved cryptographic algorithms.