NOTE: We STRONGLY recommend upgrading to Internet Explorer 11 or Safari 8 to avoid having to make subsequent changes as new security vulnerabilities are found. Effective May 27th support is removed for TLS v.1.0 and 1.1. Please ensure you are using the latest web browser.
In lieu of recent events, the wiTECH 2.0 application is undergoing changes to enhance the security stance of the diagnostic system. Some changes may not be convenient, but are completely necessary to protect the application and vehicles being serviced from being vulnerable to potential exploits. It is also important to understand that wiTECH 2.0’s security has a much higher priority because it is a cloud application operating on the Internet. The following list will help you understand some of the upcoming and already implemented security changes.
1: Splitting microPOD Use with wiTECH 1.0 and wiTECH 2.0
Because wiTECH 1.0 and wiTECH 2.0 have completely different infrastructures, it was necessary to separate the operating systems for the microPOD to meet our security model. Maintaining a cross-compatible operating system would result in reducing our security stance. While this may not be convenient, we are asking the dealerships to dedicate resources for the wiTECH 1 and wiTECH 2 applications. If you have the older VCI Pod, which is not supported by the wiTECH 2 application, this would be a good choice for wiTECH 1. If not, please purchase a microPOD to fulfill this role.
2: Supporting Only Newer, More Secure Browsers
In order to secure the environment, the application will be moving to support only newer, more secure browsers. The following list of browsers will be supported:
-Internet Explorer 10*
-Internet Explorer 11+
-Safari 7+
*Internet Explorer 10 will not be compatible by default, but can be configured. We strongly recommend upgrading to Internet Explorer 11, but you can learn how to configure Internet Explorer 10 at the following article: Configuring Internet Explorer 10 to Use TLS 1.2.
For those using other browsers, which are not officially supported by wiTECH 2, the browser must support TLS 1.2 protocol.
3: Supporting Only the More-Secure HTTPS
Additionally, we are moving to use ONLY a secure hypertext transfer protocol (HTTPS). By default, browsers use HTTP, and the wiTECH 2.0 application will no longer support HTTP. This means that HTTPS must be specified in the URL when navigated to the website. For example, login.fcawitech.com will not work whereas https://login.n.fcawitech.com will work. We strongly recommend that you update your bookmarks to a URL specifying HTTPS in order to facilitate this change in the near future.
4: Allowed Domains
The following domains must be whitelisted and accessible in order to use the wiTECH 2.0 application:
-fcawitech.com
-dealerconnect.com
5: Removal of WEP and Unsecured Open Wi-Fi.
In the upcoming months, the microPOD will no longer support older security protocols when connecting to Wi-Fi. WEP-based security and unprotected wireless connections will no longer be allowed. Only WPA- based security types will be supported. If you are using the FCA US provided networking equipment, this is already properly configured for you.
Article Number: 254
Posted: Thu, Sep 3, 2015
Last Updated: Fri, May 4, 2018
Posted: Chris Ordner
Online URL: https://kb.fcawitech.com/article/important-security-changes-254.html