Categories: Technology

We Ask: Will The Heartbleed Bug Affect My Business?

It was on December 31, 2011, that a piece of flawed code in the Heartbeat Extension was implemented into OpenSSL. This piece of code, which was later to be named the ‘Heartbleed’ bug – or CVE-2014-0160 as it’s known in technical terms – has made headline news throughout the world, invoking a sense of paranoia rather than a genuine understanding of the issues at stake. As with most news stories which are complicated in nature, the general impact is one of fear.

This is quite natural considering our passwords and privacy may have been exposed to third parties, and the fact that very few of us have expert knowledge of the ins-and-outs of OpenSSL software. We need to understand if our fears are legitimate or not, so let’s have a look at what exactly Heartbleed is?

Heartbleed affects OpenSSL. OpenSSL allows your computer to communicate with various websites without information being made available to anyone looking in. Without this, usernames and passwords could be readily exposed, especially on vulnerable mobile devices.

The communication described above, between computer and server is called ‘heartbeat.’ In the past heartbeat only sent back the same info that it received, but with the Heartbleed bug, it can request extra data of up to 64kilobytes. Although this isn’t much, it can keep requesting as much as it feels necessary to extract the amount of information it needs. This is why the bug was dubbed the ‘Heartbleed’ bug.

Business often relies on OpenSSL and has duly rushed to upgrade to OpenSSL 1.0.1g, but it’s hard to assess what damage may have been done or what information might have been stolen.

Businesses often use an Enterprise Mobility Management Solution (EMM) to upgrade their security. Management platforms like MDM or MAM are very popular, and could gain more status in the weeks to come. Users of these services tend to stress that the above solutions must be properly configured for them to work to their full potential. It has been an even bigger concern after [pullquote]April 7, 2014, the day Heartbleed was publicly disclosed.[/pullquote]

Modern business is now crammed full of company issued smartphones, tablets and laptops, so awareness of these dangers should be paramount to any organisation which values its security.

Businesses have been updating security certificates en masse due to rare cases of banking apps being hooked up to servers that were vulnerable to attacks.

It was initially thought that around 60% of servers may have been affected, which makes the furore more understandable; now they estimate it may have afflicted around 17% of servers which will be a big relief to a lot of businesses.

We live in a world of complicated technical jargon and we can’t be expected to understand every piece of information we are warned about in the media. What we can do on an everyday level is to change our passwords more regularly and never use the same passwords across a range of different websites. To the everyday user of modern technologies this seems to be the best advice to tackle Heartbleed. Business users should look into EMM solutions on top of Open SSL.

The question we ask is, will Heartbleed affect my business? Well, it could if you’re not up to date with your security patches. However, it should come as a relief that only 17% of servers were actually affected by the Heartbleed bug, but anyone concerned about their mobile phone may want to install patches to Android 4.1.1, which Google claims is the only version of its OS that could be affected.

Heartbleed – Believed To Have Affected 17% Of Servers

Image: ZDNet
Richard Darell

Richard Darell is the founder and CEO of Bit Rebels, a multifaceted online news outlet that reports daily on the latest developments in technology, social media, design and everything geek. Today this media entity welcomes more than 3.5 million unique visitors per month and is considered the go-to place for people in constant motion. As an Internet entrepreneur, he is dedicated to constantly trying to develop new ways to bring content faster and closer to the end user in a more streamlined way. His excitement for statistics has allowed him to further develop systems that continuously produce accurate and fast-paced analytics to better optimize the approach by which Bit Rebels presents news and content. His graphic design background has proven to be an important tool when designing new systems and features for Bit Rebels since the development of solid and stable code depends entirely on their structure and implemented procedures. Richard currently resides in Stockholm, Sweden and directs the Bit Rebels offices in both Stockholm and Atlanta. You can reach Richard at richard@bitrebels.com

Recent Posts

Signs Of Being Subjected To Employment Discrimination Based On Disability

Discrimination in the workplace is a common concern shared by employees around the globe. This can…

1 day ago

Eucalyptus Sheets vs. Cotton: Which Bedding Is Better For Hot Sleepers?

For some of us, sleep might be the most annoying part of our lives. We…

1 day ago

How Online Listing Platforms Make Your Life Easier As A Real Estate Investor

Dedicated real estate investors are always looking for new technologies that can help them get…

2 days ago

Why Cities Are Embracing Collapsible Bollards As A Contemporary Necessity

The growing use of collapsible bollards in urban infrastructure is changing how cities handle security…

2 days ago

A Brief Guide To Autumn & Winter Camping: Tips, Campsites, And Camping Battery

The autumn and winter seasons in Australia offer perfect camping opportunities and attract campers to…

3 days ago

Forex vs Stock Trading: Which One Is Right For You?

Choosing between forex and stock trading can often be a difficult decision for most investors…

5 days ago