Web Security Service
WSS, by default, does not use SSLv3. It only downgrades it when the website cannot handle TLS and ask WSS to make connection over SSLv3. There are websites which might still use SSLv3 and disabling SSLv3 globally can cause outage accessing those websites for few other WSS customers.
Support engineer can help users by adding a policy to disable SSLv3 for specific WSS tenants. The user using that tenant will not be able make any connection over SSLv3 after that. However, it can cause service disruption for any websites using SSLv3. Admin must analyze the impact prior to change, if any. They can login to the portal and go to Account Configuration (the gears at the bottom) > Log Export > Log Download > Fields included with Download (View/Edit) and add the following fields
And then download some logs for a few days and scan that column and see if anything shows up with SSL3 or SSLv3 in any of the columns. If they can't find anything in those columns, then it is PROBABLY OK to disable the SSLv3 policy.