You may have heard about the destructive security bug, “Heartbleed,” that attacks a vulnerable flaw in major online security systems enabling it to access encrypted data. Warnings about Heartbleed are loud and alarming for good reason.
Please be assured, however: None of Market Leader’s systems have been affected by this security flaw. And none of the systems or services we provide to our customers or employees have been affected by this flaw.
This doesn’t mean you should ignore the ever-increasing need for vigilance in protecting your data. The Heartbleed Bug launched about two years ago, and there’s no way for you to know what may have been compromised by this vulnerability, including Web, email, instant messaging, and some virtual private networks.
So we encourage you to practice good security measures, like remembering to change your online passwords. (Yea, yea, we know—it’s like hearing your dental hygienist reminding you to floss—but it’s gotta’ be done!)
Here are some excellent tips on protecting yourself and/or your brokerage along with links to more technical details and helpful information to use with your sphere of influence.
What can you do to protect yourself from Heartbleed?
- Change your passwords every few months. Especially passwords on financial accounts (banking, credit cards, etc.) and any site you regularly shop on. Before going to the trouble of changing all 250+ of your passwords, take a peek at the great list Mashable.com put together to prioritize websites where you should consider changing your passwords.
- Be a little leery of public Wi-Fi networks. As suggested in NPR’s blog post by Elise Hu and Steve Henn, limit your Internet behavior to non-transactional based or using websites that access financial information while on the Wi-Fi at Starbucks or other public places.
- If you have a VPN, use it. If your business or brokerage offers a virtual private network, or VPN, connect that way. It’s still fairly safe.
- Don’t freak out. Sites like Amazon, Google, and other major Internet companies have already secured themselves and fixed the vulnerabilities disclosed this week. Still, changing your password is probably the best way to protect yourself and/or your business.
- Test to see which sites are vulnerable. Qualys® SSL Labs has created a Web app that will tell you what kind of encryption a site uses and whether the encryption is secure which can be found here.
What exactly is Heartbleed?
Heartbleed is a security flaw that was found on OpenSSL, a popular cryptographic library that is used to secure a huge chunk of the Internet’s traffic—basically any site that has “https” in the URL. Even if you have never heard of OpenSSL, chances are, it’s helped secure your data in some way.
How can you leverage this news with your contacts?
As ActiveRain’s Nikesh Parekh suggests, blogging about the Heartbleed bug and sending an email to your contact database with a link to your blog post is a great opportunity to offer service to your prospects and customers.
Want more information about Heartbleed? Here are additional resources:
- Mashable.com’s list of web sites affected by Heartbleed
- The Security Bug That Affects Most Of The Internet, Explained by Jeremy Bowers
- What To Do Now That The Heartbleed Bug Exposed The Internet by Elise Hu and Steve Hen
Rest assured, Market Leader customer information continues to be safe. We have been fortunate to have suffered no security breach, and our brilliant IT team continues to stay one step ahead of the latest cyber villainy.