Information on “POODLE” vulnerability

IMPORTANT SECURITY INFORMATION

As you may be aware, the Google security team recently announced details of vulnerability in the design of SSL version 3. The issue is being referred to as the “POODLE” vulnerability and the possibility exists for communications using SSL3 to be intercepted and deciphered. The CVE ID for this exposure is listed on the National Vulnerability Database (NVD) as CVE-2014-3566.

This vulnerability can affect any transmissions using the SSL3 protocol and is not limited to iStream, any other vendor or website. You are being informed of this change to ensure the necessary actions required take place to protect the security of your data by migrating to TLS as soon as possible.

IF YOUR BROWSERS USE SSL3, THE CONTENT YOU ARE SENDING IS NO LONGER SECURE.

The iStream system is not affected by this security vulnerability and already supports the TLS protocol that is being recommended, but any browser communicating through SSL3 is subject to the vulnerability and we strongly encourage you to mitigate this vulnerability by disabling SSL3 and migrating to TLS as soon as possible. Failure to act on this could allow a 3rd party to assume your user identities. At some point we will disable browser communication access from any SSL3 connection. We will provide follow-up correspondence at that time.

We have included the following information regarding changes to various browsers to assist you in migrating from SSL3. Please consult with your IT team regarding these changes.

For more information about the POODLE vulnerability, please visit:http://www.symantec.com/connect/blogs/ssl-30-vulnerability-poodle-bug-aka-poodlebleed

For additional information on how to configure web browsers properly to eliminate this vulnerability, please visit:  https://zmap.io/sslv3/browsers.html

iStream prides itself on providing the highest level of security for its customers. This notice serves as part of our ongoing commitment to provide you with the highest security standards possible. As noted above, it is best to deal with your IT team or your computer/network system support team. However, should you have additional questions, please contact the iStream Customer Care Department at 1-888-892-1212.

Thank you for your business and continued support of iStream Financial Services!

James G. Gorst
Sr. Vice President and Chief Risk Officer
iStream Financial Services, Inc.

We were approached by many banks to use their product but since iStream and SchoolLeader were an all-in-one solution, it was the best way to go, we saved time and money! Cory Bullock - Kiddie Academy of League City
View More Testimonials
UCC Article 4A Disclosure