By now we’ve all heard about the infamous “Heartbleed” bug which exposed a dangerous vulnerability in OpenSSL encryption last month, putting all of our personal information at risk. OpenSSL is a kind of encryption which keeps web applications, email, instant messages, and private networks secure and safe from hackers. It is estimated that nearly half a million trusted websites are vulnerable (Netcraft).
What are the basics?
The Heartbleed bug allows anyone to read a website or application’s memory that uses vulnerable versions of OpenSSL. This provides an opportunity for hackers to steal sensitive data, including:
- Usernames & passwords
- Personal information like emails, finances, etc
- Encryption keys, which are required to decrypt protected information
The odds are likely that this bug has affected you in some way, since OpenSSL is the most commonly used form of encryption on the internet today. In fact, websites using the most current OpenSSL versions (1.0.1 through 1.0.1f) are the ones that are most at risk!
Can I fix it?
Luckily, OpenSSL has issued a fix for the Heartbleed bug. Anyone who manages your web server, such as a system administrator, should immediately update OpenSSL to version 1.0.1g by heading to www.openssl.org. Also, be sure to alert your customers right away to let them know that you have taken the appropriate steps to protect their private information.
What else should I do?
- Passwords. Staying off the internet is pretty much impossible in this day and age. The best step you and your loved ones can take is to change your passwords. In fact, many people have passwords that aren’t strong enough to meet current standards. Use this opportunity to boost your own security by picking a strong and complex password and use two-factor authentication wherever possible.
- Cyber Insurance. A cyber liability insurance policy is a key component to protecting your business, your customers, and your bottom line.
- Download our FREE Cyber Security Planning Guide
** To learn more about how you can take the proper steps to protect your business, take a look at Cyber Risk Management: Four Components.
ERM Insurance Brokers in Irvine, California can customize a cyber insurance liability insurance policy to protect your business!
Call (949) 222-0444 to learn more.