The Internet’s latest security scare has been making headline news for a couple weeks now and it indeed sounds pretty frightening. Heartbleed as it is being called has pumped fear and concern into a number of industries—from popular social networks to the government sector.
If you do a quick Google search, you’ll find lots of information swirling around on the internet about this most recent cyber threat, so we want to briefly address some common questions surrounding Heartbleed and whether small business owners and IT managers should be concerned.
What is Heartbleed?
Heartbleed is the name of a security bug specific to OpenSSL software only. Heartbleed is not a virus and therefore doesn’t replicate, so you don’t have to worry about getting infected or infecting your customers. However, this hole in your security enables unauthorized users (i.e. hackers) to access encrypted information without leaving any trace.
Who was affected?
Although experts are still looking into all of the major sites that were affected, already a number of well-known sites have been named. Some recognizable networks that were affected by the Heartbleed flaw are:
You can find a full list of the sites affected on here.
Is my organization at risk?
You may have been affected by Heartbleed if your computers run on OpenSSL software. Fortunately, there have been very few reports of exploitation of user data so far. Nevertheless, while it is not likely that small business servers will be affected by the flaw, chances are your organization rents space or is registered with at least one of the ISP’s affected.
Most of the networks that had the Heartbleed flaw have now patched up the security hole. Still, businesses are advised to change their passwords for those sites that were affected.
How can I make sure my network is protected?
There are so many security flaws and viruses out there, and Heartbleed is yet another one to add to the list. So how can you protect yourself and your organization from as many of them as possible? Experts agree on several actions you can take to reduce your risk of getting hacked and strengthen your network security:
- Pay attention when major security flaws and viruses are announced by the media – visit our blog regularly for the latest IT news
- Update your software’s security features when you receive notifications
- Backup your data and related applications
- Train your staff on basic computer security
- Use common computer sense (don’t make your password 123456 or a similarly “hackable” code)
- Consider double authentication for not only users to access your internal sites, but also a secret code on mobile or third-party devices
To test the security of your organization’s framework, contact Innovative Architects today for a professional evaluation. Simply tell us about the issues your company is facing, and we will see if there is a suitable software solution.