PowerSchool Mobile Upcoming Security Update for Self-Hosted PowerSchool SIS Customers

No ratings

Dear valued PowerSchool Customer,

 

PowerSchool is committed to providing the highest quality products and services to our K-12 education customers. For PowerSchool to continue providing the highest quality support, we are notifying you of upcoming changes to our PowerSchool SIS Mobile application that may impact your Parent and Student users.

 

This announcement serves as an early notice that the PowerSchool SIS Mobile team will be releasing a security update to the PowerSchool Mobile app on September 4th, 2020 that will discontinue support for PowerSchool Mobile SIS self-hosted customers with any of the following environment configurations:   

  1. No Secure Sockets Layer (SSL) on your PowerSchool SIS server (http server address). 
  2. An insecure SSL configuration or expired SSL certificate on your PowerSchool SIS server. 
  3. A deprecated Transport Layer Security (TLS) version on your PowerSchool SIS server (minimum supported TLS version is 1.2). 
  4. Mobile App SSL is not enabled on your PowerSchool SIS Mobile Registration Page
  5. Misconfigured settings on your PowerSchool SIS Global Server Settings Page

 

Self-Troubleshooting Guide

There are a few key items that can be done or checked by a District Administrator to ensure your users are not impacted by the upcoming security change.

 

  1. Verify your PowerSchool SIS Version is a supported version.
  2. Verify your current SSL and TLS settings by entering your PowerSchool server URL hostname on the Qualys SSL Labs website. The test results will inform you of your current TLS version and provide details on your SSL configuration.
    • If you receive any errors we recommend you contact your SSL provider to resolve such errors. Some example errors are shared below that must be resolved in order for your users to continue the use of the PowerSchool Mobile app.
      ChainIncomplete.png
      SSLNotTrusted.png
      SLLFailed.png
    • Your server must support TLS version is 1.2. If it does not support TLS 1.2, we recommend you contact your SSL provider to upgrade your TLS version.
      • Please note you may receive an error/downgrade on your SSL ranking due to your server supporting TLS 1.1. You can disregard this warning as long as your server also supports TLS 1.2 or higher.
        TLS1.2.png
  3. Review your PS SIS Global Server Settings (System > System Settings > Global Server Settings)
    • Hosted Customers - Internal Access needs to have the Internal IP, not the hostname. Secure Server SSL - not checked, Port - 80.
    • Self Hosted - Setup based on Internal Configuration Settings in this KB 
  4. Review and resubmit your Mobile Registration Settings (District Office > District > Mobile Registration)

Failure to update or fix your SSL and TLS will result in your parent and student users being unable to access the PowerSchool Mobile application when the update is released on September 4th, 2020.


If you have any questions or require assistance related to this article please contact the PowerSchool SIS technical support team.

 

Thanks, 

The PowerSchool Mobile Team