By Sarah Morgan
Recently, you may have heard about the Heartbleed bug that is affecting internet security around the world. This bug affects the transmission of secure data through the web. Usually that information is transmitted using a secure connection (SSL), but in this case, there was a problem in how that secure connection was formed, allowing sensitive data such as passwords to be exposed to unknown third parties. To say that this is a big deal is an understatement-this bug is the biggest ever exposed on the internet, and affects more than two-thirds of all internet users globally! Here is a helpful video that explains the bug in a non-technical manner: http://youtu.be/8oI_laHhGjE.
Let us put your mind at ease right away. Even though our dedicated web hosting server was using OpenSSL, we immediately put a patch in place on our server to negate any security vulnerability. You can use this handy tool to verify that your site is not vulnerable: https://filippo.io/Heartbleed.
In addition to patching our server, we are also taking the following pre-emptive actions:
- For any clients that currently have an SSL certificate, we are going to reissue the certificate with the latest security enhancements.
- We are changing passwords that we use internally to access the control panel of the server that controls your website.
- We plan to install SSL certificates for all clients with a CMS. This is not required, but will further add to the security of the web products that we host for you.
- We recommend that all clients change their password for their CMS login. If you need a reminder on how to do that, please contact me for help.
- You may also want to consider changing some of your other passwords to social media sites and more. You can find a helpful list of passwords to change here: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
As always, we are committed to ensuring that the web products and services we offer are optimized for efficiency and security. We'll continue to update you if there are any further actions needed on your part.
If you have any questions or concerns, please don't hesitate to contact us.