This article answers the most common questions we receive about our 2021 Security Initiative.
What is 3PL Central's 2021 Security Initiative?
To comply with security best practices, we are discontinuing our support for HTTP protocol on June 30, 2021. To that end, we are requiring that all of our customers migrate to and utilize the HTTPS encrypted communication protocol for all communication with our systems. In most cases, the changes required will be minimal.
What is the difference between HTTP and HTTPS?
HTTP lacks the security mechanism to encrypt your data, whereas HTTPS provides TLS or SSL Digital Certificates to secure the communication between your web server and client. Using HTTPS (note the “S”, which stands for “secure”) ensures a more secure transfer of data.
It may also be helpful to think of it as an analogy—think of your web server as your own home and HTTP as the standard lock on your front door. What’s stopping an ill-intended individual from bypassing the lock on your front door and entering your home through your side door or through an unlocked window? Upgrading your home security to use deadbolt locks and a basic security system is similar to boosting your cybersecurity by directing your web server to utilize HTTPS when communicating with other systems.
How can I tell if this security change requires action on my part?
If any of the below statements apply to you, you must check with your IT administrator to see if your communication protocols are set to HTTP or HTTPS.
- You and/or your customer utilizes an API integration that was not built or deployed by 3PL Central
- Your warehouse leverages our QuickBooks integration for accounting purposes and uses a Desktop version (not QuickBooks Online)
- Your customer leverages our legacy QuickBooks integration for order imports
- Your warehouse uses our classic mobile scanning solution (not SmartScan)
If these statements do not apply to you, no further action is required on your part at this time.
What steps do I need to take if I believe this change requires action on my part?
The process varies depending on which of your products are using HTTP, so we’ve created the following help articles to help you better understand what your next steps are:
- Updating Custom API Integrations to Use HTTPS
- Updating QuickBooks Desktop to Use HTTPS
- Updating Classic Mobile to Use HTTPS
What if I don’t know how to make these changes or it’s not working?
We highly recommend consulting with an IT professional to ensure all your systems are utilizing HTTPS in a timely and efficient manner.
- In the case of custom-built API integrations, you’ll want to work with the entity that built the connection. This may be your IT team or a contracted API developer.
- In the case of QuickBooks Desktop, please feel free to reach out to our Technical Support team if you are having trouble locating this file to update.
- In the case of classic mobile, we recommend working directly with the party responsible for configuring your devices. If you are unsure who that is, you can work with our recommended hardware provider Emkat by reaching out to firstname.lastname@example.org.
What happens on July 1st if I still haven’t taken action?
If you haven’t taken action, you’ll likely experience a number of errors indicating that the server could not be reached. Any conversations these integrations attempt to have with the WMS will not be successful until you update your scanning devices and integrations to comply with our security standards.