Lessons Learned from Heartbleed Bug
The Hearbleed event plastered across media outlets isn’t actually a virus but a bug that recently left more than half a million Internet users vulnerable to cyberattacks. Heartbleed is a software problem in OpenSSL script, which is used to encrypt user information like passwords and credit card information when it’s sent to website servers. The Heartbleed bug allowed hackers to capture credit card and password information from millions of Internet users.
Because you must protect not only your own information, but also your clients’ confidential information, you need to pay close attention to how Internet bugs like Heartbleed affect your security.
What Should I do to Protect Myself and my Clients?
1. Create strong passwords. Each code should be about 16 characters long and contain a variation of capital and lowercase letters, numbers and symbols. The more complicated the password, the better.
2. Update your passwords. If you’re using the same password for more than one site, change that and give each site its own code. Also change any passwords for websites you know or suspect have been affected.
3. Use a password manager like LastPass to track numerous complex passwords. With a manager you only need to remember a single password to login and have a record of your other codes.
4. Backup and encrypt your hard drive. Regularly backing up and protecting client and firm information is best practice. You can easily encrypt your computer by using Microsoft’s BitLocker software. Or better yet, use a service that will do this for you automatically, like Abacus Private Cloud, so you can focus on providing best possible outcomes for your clients.
5. Use two-factor authentication when it’s available. Many websites will give you the option of requiring additional information to log into their site. With this feature, even if someone finds your password they’ll be unable to sign onto the website and access your information.
6. Invest in private cloud services, like the Abacus Private Cloud. Abacus provides you with unparalleled security for your data. Its data centers use five tiers of physical security in additional to network and data security provisions.
The Heartbleed bug brought security to the forefront of everyone’s mind and offers a good opportunity to discuss the best practices for protecting your personal, client and law office information. Even if there isn’t a security threat in the news, you should be using strong, unique passwords for every site, requiring two-step authentication and backing up and encrypting your data.