First thing’s first: make sure you understand what Heartbleed is and is not. It is not a virus – your antivirus software is completely unable to do anything about it. It is no doubt one of the most serious and widespread problems on the internet. What Heartbleed really happens to be is a security vulnerability in certain OpenSSL software used widely on a variety of servers.
How Heartbleed Works
At a very basic level, it allows a hacker to request more data than your computer really wants. OpenSSL offers a feature called “heartbeat.” Every time you load a website, the site responds back letting you know it’s ready for your request (a “heartbeat”). Your computer sends a certain amount of data, and then you get the same amount of data right back. However, with Heartbleed, a hacker can request more data from the website’s servers than is actually sent.
Many computers continue to access the server, and the data inside of those requests can still reside in the part of a server that hackers can access by exploiting Heartbleed. That information could be your login information, social security number, or any other private information you keep with that website. And even though it’s just coming to the public’s attention now, the NSA has known about Heartbleed for at least two years.
Data Security Steps to Take to Keep Your Personal Information Secure
Many servers across the web have been affected, but the actual number could be a lot lower than expected. OpenSSL has quickly patched the software, so the vulnerability no longer exists. But, the affected websites may still need to make that update to their servers.
In the meantime, what you can do to protect yourself is update your password on the affected websites. This blog post has a list of known websites affected by Heartbleed.
Ideally, your passwords for each website you login to are different, not just variations of the same thing. And if you need help managing all your passwords, Lastpass is free, and syncs your passwords across all devices. It also generates random passwords and stores them all for you – greatly increasing your security across the web.
The Moral of the Story? Have a Reliable Data Protection Plan in Place
If Heartbleed can affect many websites and go largely unnoticed by the public for years, think of all the other threats to your company’s computer network that could be floating around out there. There’s also the devastating Cryptolocker virus, which takes complete control of your PC. Then, it forces you to pay $300 – $400 to regain use of your computer again!
It’s a lot to stay on top of besides all of the other demands you have when running your business. So, it makes sense to outsource your data security and protection needs. That way, you can focus on what your business does best and leave the rest to experienced professionals.
Learn more about the author Bob Martin