Heartbleed, the latest cyber security threat, has been quickly making headlines around the world since Monday. The vulnerability exposes secured website traffic, such as passwords and credit card numbers, to eavesdropping.
Due to the potential impact, some security experts are recommending to stay off banking sites and other web servers that contain highly confidential information. Read on for further recommendations.
Is My Website Secure?
At Knowmad, we have helped our clients determine their vulnerability and, if necessary, take measures to close this vulnerability. In most cases, the typical website is not exposed to this threat. You can test your own website at http://filippo.io/Heartbleed.
The Heartbleed bug only affects websites that use secure sockets layer (SSL) to encrypt communications between your browser and the server. And, it only affects those websites using more recent versions of the OpenSSL library. In our analysis of our own and customer's servers, we only found about 25% which were using the affected libraries. For a more thorough analysis of the exploit, visit "What You Need To Know About Heartbleed, A Really Major Bug That Short-Circuits Web Security."
A Personal Threat
Even if your corporate server is safe, your personal information may not be! Since this bug has been in the open for almost 2 years and exploits leave no trace, it is hard to know the full scope of data exposure. Before you go changing your passwords to online services, security experts recommend waiting to receive notification from your service providers that they have either verified that their servers are unaffected or that they have patched all services. Only then can you be sure that your updated information is not vulnerable to prying eyes.
A Final Reminder
As Mat Honan learned the hard way, once you lose control of your online identity, it is hard to recover. Events like Heartbleed serve as a reminder that your data is constantly at risk. A strong password is a good start. See Entrepreneur's list of "10 Data-Security Measures You Can't Do Without."
William McKee is a founding partner of Knowmad. As a Web architect & Internet business consultant, he is passionate about applying business knowledge & technical expertise to deliver solutions that advance business online. With over 15 years of Web experience, his current work involves designing strategies and creating processes to help business attract, engage and convert website visitors into customers.