Heartbleed Security Update

heartbleed

So first a little background.  OpenSSL is an OpenSource project that allows server administrators and website developers to implement the SSL/TLS security protocol.  SSL is designed to secure all the data that is transmitted between you the user and the backend services and databases of all web applications.  Without SSL/TLS, Online Banking, E-Commerce, Web Mail, VPN and Basic Secure Web Browsing would not be possible.

Recently, a serious vulnerability in the OpenSLL protocol was discovered (nicknamed “Heartbleed”), and has rightfully garnered a lot of media attention.  The bottom line is that the Heartbleed Bug allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users directly from the protocol that was supposed to be protected by the SSL/TLS encryption used to secure the Internet.  Although the extent of the threat is not truly known, it is estimate that as much as 66% of all websites across the Internet could be affected.

Now for the good news.  Brite Connectivity hosts, develops and maintains all of our client sites with security at top of mind. We use highly secure servers and more importantly, very highly secure management products.  No sensitive information about your sites is stored in our management server and we do not run the version of OpenSSL that is affected by the Heartbleed bug. (1.0.1 to 1.0.1.f).  This means that by choosing Brite Connectivity to host, develop and maintain your sites, you are not exposed to Heartbleed vulnerability.