When people talk in tech initialisms, do you find yourself glazing over and thinking about what to have for dinner? It’s hard to concentrate when your brain is telling you, “this stuff, it just aint for you”. Don’t feel bad for thinking this way, a lot of us do. But it is a shame because sometimes there are some golden nuggets of information that are surprisingly interesting and relevant to our industry! Take for example TLS.
What is TLS?
TLS stands for Transport Layer Security. It’s a security protocol. It is a method of protecting data from being compromised (by hackers etc) as it is transferred across the internet from one point to another. In simple terms, it adds a layer of code to messages (i.e., an alarm call, a telephone conversation, payments or any other data being transferred) so that unsavoury interceptors cannot break the code and decipher the message.
There are levels of TLS encryption. For example, Appello’s products use TLS 1.2, this is 128-bit encryption; the standard level used by most organisations you will interact with online including banks, online shopping etc.
Why is TLS relevant to our sector?
Telecare and Technology Enabled Care (TEC) service calls had, until recently, been analogue calls. Analogue calls travel along a fixed and physical telephone wire going from one point to another point. Imaginatively, this is called a point-to-point connection. To intercept these types of calls you would have had to physically have access to the wire and get the timing right to intercept the call you wanted to. As you can imagine, this is not a simple or discreet task to undertake which made analogue telephone calls reasonably secure. Now, as we move into a digital era, the industry is sending information over the open internet, and so security in terms of data in transit needs to be considered. We need to protect that data. Hence the relevance of TLS.
Are there other options for protecting data in transit from TEC devices?
Virtual Private Networks
Simply put, yes there are. You can create a VPN (Virtual Private Network) which essentially recreates this point-to-point connection within the company network and therefore enjoys the security protocols that are in place for that network. This is a perfectly acceptable approach but does require a fair amount of maintenance. The VPN’s need to be managed. A VPN connection is required for each TEC site so if managing multiple sites, there will be multiple VPN’s to manage. In a disaster recovery situation, each site’s VPN would need to be recreated manually then redirected to the new back-up site. This would cause delays. The more sites you have therefore, the more time this would take.
Another lovely initialism (we’ll keep this one quick though)! SSL stands for Secure Socket Layer. It was really the precursor to TLS and a level of encryption which has now been superseded by TLS, it relied on a similar mechanism for protecting data (cryptographic protocols). We would not advise this being a good solution for protecting data in transit as it is now deprecated so TLS would be preferred. This is a relatively recent development so you may hear of some organisations still using this method.
So ultimately there are several options, we feel that TLS is the better approach as SSL is outdated and VPN’s (whether using a standard or mobile network) require an ongoing level of management in and can be resource heavy in disaster recovery situation which we believe makes them a little problematic.
So that’s our whistle-stop tour of TLS and why it’s a relevant to the TEC sector. If you have any questions about how Appello uses TLS or TLS generally, please leave a comment below and we’ll get back to you.