There’s a lot of information flying around the internet these days about the Heartbleed Bug which potentially exposed millions of internet users to vulnerabilities when they thought they were accessing secure sites. Some estimate that it has compromised at least 66% of active websites (techmadeeasy.co.uk estimates there are around 861,379,000 registered host names as of January 2014).
Most high profile sites have already responded to the threat (read: Which popular sites have been patched) and consumers have been instructed to change their passwords.
What Do I Need To Know As A Business Owner?
This bug predominantly affects firewalls and websites. Most security & firewall companies (including the vendors we use like Cisco, WatchGuard, and others) issued patches immediately. As a business owner, you should be vigilant and check with your technology providers to ensure the products they are using are safe and supported for updates, patches, and fixes-especially for hosted websites and cloud services. If you host your own website, you may need to take the necessary steps to make sure your site is secure. One popular tool you can use to check whether a site has been secured:
If you or your employees use Android phones or tablets, you may want to keep an eye out for updates to the Android Operating System (OS). PC Magazine reported that users of Android 4.1.1 may still be vulnerable to the Heartbleed Bug. Other Google products (such as Gmail, YouTube, AdWords, Maps, etc.) should be safe as the company has applied the appropriate patches.
One of the best things you can do is create a password policy for all the applications you use. It is best to change your passwords at least every 3 months. We also have some tips for creating strong passwords. Click on the infographic to the left for tips and examples.
If you have any questions or need our assistance with reviewing your network for best security practices, please do not hesitate to call!