What Small Business Needs to Know About the “Heartbleed” Bug

Date: April 15, 2014

How this Major Security Flaw Affects You and Your Business

Last week, US authorities warned that the “Heartbleed” bug of OpenSSL affected a broad swath of the Internet, including websites as varied as Google, Facebook and Yahoo. The flaw exposes passwords, credit card numbers and secret keys used to encrypt information against hackers.

What Should I Do?
Website operators are scrambling to update their sites to fix the flaw. This entails applying a patch and resetting their encryption keys. To protect yourself, you should change your passwords after a website has fixed the flaw. (Note that has put in the fix for Heartbleed.) For a list of well-known sites that were compromised and have updated their systems, see this chart. If you use OpenSSL on your business website and collect personal data from your customers, you should upgrade to OpenSSL 1.0.1g as soon as possible.

What About My Bank?
The good news is that major banking and investment sites have said they were not affected. These include firms such Wells Fargo, Bank of America and US Bank. For a list of financial institutions, again consult the chart. You should also check with your individual financial institution to see if it has provided any guidance on the issue.

What About Electronic Payments?
The flaw has compromised the security of electronic payments, and Visa, for example, advises its clients and their agents and merchants to patch all affected systems as soon as possible. If your business uses these kinds of services, you should check with the relevant companies involved and be aware of security notifications from your software vendors.

Where Can I Learn More?
Read the U.S. government’s official alert. For a detailed explanation of the “Heartbleed” bug, visit CNN and FOX Business have reports on the issue.

blog comments powered by Disqus

Subscribe For Free News And Tips

Enter your email to get FREE small business insights. Learn more


Do you use a CRM to manage customer information?

Yes, I use a CRM. - ( 216 votes )

CRM? I use Excel. - ( 115 votes )

Excel? I use paper and pencil! - ( 38 votes )

No, I don't use any CRM system. - ( 145 votes )