Chances are you’ve heard the recent buzz going around about the Heartbleed bug. Maybe you read about it on a news website or noticed your Facebook friends complaining about having to change passwords. Maybe it affected your business, maybe just some personal accounts. We’ve pulled together a list of basic info to help you determine the best course of action.
What is Heartbleed?
Heartbleed is a flaw in a specific version of security software called Open SSL. Open SSL allows you to safely connect with a website to share private information. It’s like a secret handshake between you and the website that you’re sharing your information with. The Heartbleed bug allows someone to learn that handshake and get access to your data. Heartbleed is big problem with a thankfully easy fix.
What should you do about a website built by 435 Digital?
Nothing. Although the problem software (Open SSL v1.0.1) is on over half the web servers on earth, our servers are not running the offending software, so no worries, your data has not been compromised by this specific flaw. However, it’s always a good idea to periodically change your passwords.
What should you tell your customers?
Once you’ve confirmed all your websites are in the clear, communicate to your customers that their data with you is safe from this flaw. Remind them to check with their other services in case those passwords need to be changed.
What about websites with which you have an account?
In addition to the business side of things, you’ll want to make sure your personal accounts are safe. This includes everything from social media and email to your insurance and 401K accounts. First figure out if the website has fixed the problem. At this point, most websites are in the clear, but hang tight if not. There’s no reason to change anything until the vulnerability has been fixed.
Here is a great list of common websites, how they were affected by Heartbleed, and what action they took. Have specific questions? Feel free to reach out in the comments.