<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=40521&amp;fmt=gif">

Start remote support now

Enter the code provided by your MyITPros service technician


Drop us a line

We’re excited to connect with you! Simply fill out the form below with your information and someone will get back to you as soon as we can. Thank you for your interest in our company.


See how we’re handling COVID-19

Click here
See how we’re handling COVID-19

Questions Small Business Owners Have About Heartbleed


Many of our clients have been asking us for clarification on what Heartbleed is and how it affects them and their business.

What is Heartbleed?

Heartbleed is not a virus. It is a hole in the security mechanism used for secure communication across the Internet.  Although not every website on the Internet is impacted, the vulnerability does affect certain versions of secure web pages.

To illustrate, secured web pages that require a user to enter sensitive data to process (such as a credit card number) are most vulnerable.  You can identify a secured web page by looking for either a lock icon or https in the address bar.  Unfortunately, the hole provides a way for hackers to access sensitive data and it has already existed for two years.

What Can I Do?

As an end user, there really is nothing you can do. We must rely on the vendors and web admins to update their products and patch the vulnerability timely. A patch was released the day Heartbleed was announced.  And on the upside, no sign is evident that hackers exploited it.

As a business owner, you should check in with your vendors to ensure their web admins have applied the patch. You can also contact your IT service provider for help. We have been working with our vendors to determine what might be affected and where we need to apply the patch.

Do I Need To Change All My Passwords?

Firstly, you only need to change your password on websites that were vulnerable, or websites you used the same credentials as a vulnerable site.

Secondly, you should not change your password until you are sure the patch update has been applied. If you change your password before a fix, you may be handing your new info right over to a hacker.

Check out Mashable’s Heartbleed Hitlist article to see which websites were impacted. For more obscure sites, you can use LastPass Heartbleed Checker.

Best Practices Going Forward

As an end user, you didn’t have a lot of prevention or control in this situation. Even though changing your passwords frequently wouldn’t have assisted you in this particular instance, it is still a good idea. Varying passwords from site to site is a best practice, which may save you time should a similar vulnerability emerge again.  You may consider using RoboForm or LastPass to help you manage your passwords.

Our goal for this blog is to answer the questions you ask. If you have any questions about Heartbleed or any other topic please email me at lori@myitpros.com. To learn more about IT subscribe to our blog.



Articles you might like

Business Security
9 Online Safety Tips Every Holiday Shopper Should Know
Business Security
Shining light on how shadow IT can harm your business
Managed Services
4 factors to help you find the best IT provider