Businesses using cloud services are at “extremely high” risk of falling victim to the Heartbleed security vulnerability, according to experts.
The Heartbleed bug was first found earlier this week and is a vulnerability in OpenSSL — technology used to protect sensitive data — that allows attackers to hack into software. Since it reared its head, security experts have warned users of cloud services to change their passwords to mitigate the risk.
But it is not just consumers who are at risk, according to cloud security specialist Skyhigh Networks, which claims enterprises face a similarly serious situation.
“While the focus in the media was initially on high-profile consumer sites such as Yahoo Mail, many cloud services present an even greater risk to companies storing sensitive data on those services,” officials with the company said. ”Over the past weeks, security teams across country have been grappling with end of life for Windows XP… [but] that issue has been completely overshadowed with news of the Heartbleed vulnerability.”
Skyhigh Networks said its intelligence shows that 24 hours after the vulnerability hit the headlines, 368 cloud providers had still not patched their wares, making them vulnerable to attack. It did not divulge which firms’ services were affected but claimed “leading backup, HR, security, collaboration, CRM, ERP, cloud storage, and backup services” were among them.
“The average company uses 626 cloud services, making the likelihood they use at least one affected service extremely high,” officials added.
Where these officials get their data is beyond me however there is nowhere close to any company that uses 600 Cloud services, there’s not even that many Cloud Service Providers in the entire world!
CHANGING YOUR PASSWORD WILL HAVE ABSOLUTELY ZERO AFFECT (I’m not sure what “experts” this article refers to but they obviously are NOT SECURITY EXPERTS) the issue is in the secured SSL protocol itself, NOT YOUR PASSWORD, so if you are using a hosting service or Cloud service for ANYTHING you need to contact that provider and ask if they have fixed all their OPENSSL implementations and if you do not believe you can trust them to answer truthfully I encourage you to REMOVE ANY AND ALL CRITICAL INFORMATION from that service and then hire someone like myself or other trusted security expert to do a complete analysis for you before you place your business data at risk outside of your internal firewall again…
This is NO JOKE, absolutely EVERY INTERNET SERVICE IS NOW COMPROMISED, NO MATTER IF THEY HAVE EMAIL YOU OTHER WISE AND NO ACCOUNT OF CHANGING YOUR PASSWORD WILL FIX THIS which is why the true experts are saying it’s the WORLD SECURITY VULNERABILITY EVER IN THE HISTORY OF THE INTERNET..
CALL ME if you are not sure if your company is at risk and I can help you protect yourself and your business immediately 209-263-2976
By Jarrett Neil Ridlinghafer
CTO of the following –
Synapse Synergy Group
Chief Technology Analyst, Author & Consultant
Compass Solutions, LLC
Cloud Consulting International