TopTop

Your Business and HeartBleed – What to Know

The recent media coverage of the HeartBleed vulnerability has caused legitimate concerns by our clients. Now that we have clearer information on the HeartBleed vulnerability, we are recommending businesses perform a series of basic steps to identify and correct any potential risks;

External Vulnerability – we recommend external vulnerability tests be performed, specifically testing for the HeartBleed vulnerability. Identify and be sure all external facing IP’s, websites and services are tested, then document the results. Burgess Computer can recommend a reputable vulnerability scanning vendor if you do not currently have one, as well as manage the process.

Internal vulnerability – some applications use OpenSSL to secure internal network traffic. A list of internal systems and applications should be created and then checked for vulnerabilities. Typically, the check is as simple as a vendor statement certifying there system is not vulnerable to HeartBleed. Burgess Computer can also assist with internal vulnerability checks.

Change your passwords – some social media and email sites were vulnerable. It is recommended to change your passwords. You can see a list of sites affected here: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

Out of an abundance of caution, we recommend changing any passwords used on the internet. You can also check if the website is vulnerable by using this tool to scan it:

http://safeweb.norton.com/heartbleed

Burgess Computer has verified that all managed services we provide are not affected by the HeartBleed vulnerability. These include;

Please contact us if you have any questions, or require assistance in planning and testing your network.

Posted in

Matt Rice, CTO

Matt is a graduate of Central Maine Technical College. He has been with Burgess since 2001, acting as Service Manager, then General Manager, before becoming an owner. Matt focuses on developing and delivering technologies that fit best with customer needs.

Reader Interactions

Leave a Reply

Your email address will not be published.