We are here to help you plan, prepare, respond, and report on anything that comes your way. Give us a few moments of your time and we'll show you.
Apr 24, 2014Back to Veoci Blog
The recent Heartbleed bug that compromised OpenSSL – a key component for secure access to servers on the internet – has greatly heightened the need for internet security awareness. This vulnerability was vast; almost two thirds of the world’s 50 million servers run this component. While many website teams have updated their software to eliminate this bug, it may be months or longer before all servers are made safe;
it’s not surprising that there will still be servers with this bug even a few years from now. Unfortunately, only when these servers are retired will this security issue be completely eliminated. While system administrators are better at updating their software in a timely fashion after vulnerability announcements, until they do, your data is vulnerable, and your wallet is lying open on the internet. The plain truth is that the biggest and most easily fixed deficiency is the lax system administrator who hasn’t been keeping up to date with security patches and virus/vulnerability software updates. In these cases, good fortune is often his/her only defense. Fortunately for most of us, the security breaches we hear about generally affect only brand name websites that are known to millions. The more recognizable the name, the more likely someone will think it’s worth hacking.
But the little guys need to watch out too. As more “teams” have stepped into this “opportunity,” the World Wide Web is becoming a dangerous place. Outlaw organizations can set up methods and processes for hundreds of employed hackers. With just a bit of bad luck, your site could be next on the evening news.
Other hackers work in the world of espionage and war: they come in the form of patriotic professionals who hack into “enemy” sites. Government espionage organizations study these system vulnerabilities continuously and use these bugs to break into target systems. Legend has it that government groups know of these vulnerabilities years before they’re discovered by the public, and of course they take full advantage of them. Qualys, a well-known security company, has released a simple test you can run to check your website and the websites you use – banking, business, insurance, you name it. It is prudent to check the secure sites you use, since after all, it is your data that will be stolen. This test is available free to anyone on the Internet.
Click Here. Whether you use this test or not, bear in mind there are hundreds of hackers who will – to discover the vulnerable sites they should hack. At Veoci, as you’d hope with any professional software development organization, security is always our #1 priority. Our cloud-based service was patched as soon as the Heartbleed vulnerability was announced, and all of our customers immediately realized the benefits. We’re constantly performing extensive tests on our software – some even by outside security auditors – and on the Qualys SSL Labs test, we’re proud to report that we got an “A.” The number of sites that are getting “F”s is quite an eye-opener. Take care of your private personal, financial, and business data, and be sure the sites you access are secure. And of course, change your password often!
Receive all the latest emergency, crisis, and continuity management news, tips, and advice