HOW TO PROTECT YOUR ONLINE BUSINESS FROM HEARTBLEED BUG?
My name is Pere Hospital
• IT Security Expert & Cloud Specialist - CISSP, OSCP Certified.
• Founder, Cloudways (Managed Cloud Hosting Platform)
• Find me on Twitter: @Phospital
Why Is the Heartbleed Bug a Big Deal?
According to CNN:
• Two thirds of the web sites and applications that allow you to do online banking or communicate privately through e-mail, voice, or instant messaging use OpenSSL to protect your communications.
• That is why a bug in OpenSSL that can render the private information you are transmitting across the wire visible to attackers is a very big deal.
So, How to Protect Yourself From the Heartbleed Bug?
If you are focusing on WHAT TO DO about it (especially if you have an online business of any kind), this is an overview of what I would suggest.
5-Step Strategy
Step 1
• Carefully assess the level of sensitivity of the data that you have been “protecting” via SSL. (Find out how many SSL certificates you have, where you are using them, and what they protect.)
Step 2
• Consider that there may be sensitive information that you are already outsourcing (e.g. to payment providers). In this case, you will have to ask them what they have done about this bug and how they have protected the sensitive data they handle on your behalf.
Step 3
• Once you have gathered the relevant information, you need to decide on any further actions.
Step 4
• The very first thing you need to do is rebuild your defenses, so you need to re-issue your SSL certificates. Then, replace the old ones with the newly issued certificates. Most importantly, you should revoke all the old certificates to ensure that no other (future) data can be intercepted.
Step 5
• Finally, you need to assess which kind of sensitive information you were “protecting” via SSL and act accordingly (e.g. resetting user passwords, changing credentials in third-party services, and the list continues).
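The five steps can be tracked per endpoint. The sketch below is an added example, not part of the original slides: it records the inventory from steps 1 and 2 and returns what is still outstanding from steps 4 and 5, holding back credential resets until the certificate has been replaced and the old one revoked. The host names, field names and byte strings are constructed placeholders, and it assumes (the slides do not say so) that each re-issued certificate is created with a newly generated private key.

```python
import hashlib
import socket
import ssl
from dataclasses import dataclass

REISSUE = "re-issue and replace the certificate"               # step 4
REVOKE = "revoke the old certificate"                          # step 4
ROTATE = "reset passwords / rotate third-party credentials"    # step 5
ASK_PROVIDER = "ask the provider what they did about the bug"  # step 2

def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate."""
    return hashlib.sha256(der).hexdigest()

def served_fingerprint(host: str, port: int = 443, timeout: float = 5.0) -> str:
    """Fingerprint of the certificate an endpoint serves right now (needs network)."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # validation is off on purpose: the certificate
    ctx.verify_mode = ssl.CERT_NONE  # is only fingerprinted here, never trusted
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return fingerprint(tls.getpeercert(binary_form=True))

@dataclass
class Endpoint:
    host: str
    protects: str                     # step 1: what the certificate protects
    sensitive: bool                   # step 1: sensitivity of that data
    outsourced: bool                  # step 2: handled by a third party for you
    old_fp: str                       # fingerprint recorded before remediation
    old_revoked: bool = False
    provider_confirmed: bool = False  # step 2: provider answered satisfactorily
    secrets_rotated: bool = False

def next_actions(ep: Endpoint, current_fp: str) -> list:
    """Outstanding actions for one endpoint, in the order of the steps."""
    if ep.outsourced:
        rebuilt = ep.provider_confirmed
        actions = [] if rebuilt else [ASK_PROVIDER]
    else:
        replaced = current_fp != ep.old_fp  # assumption: re-issued with a new private key
        actions = ([] if replaced else [REISSUE]) + ([] if ep.old_revoked else [REVOKE])
        rebuilt = not actions
    # Step 5 waits for step 4: secrets reset earlier would cross the old channel.
    if rebuilt and ep.sensitive and not ep.secrets_rotated:
        actions.append(ROTATE)
    return actions

# Constructed inventory: placeholder hosts, stand-in byte strings instead of real DER.
OLD = fingerprint(b"constructed old certificate")
NEW = fingerprint(b"constructed re-issued certificate")
INVENTORY = [
    (Endpoint("shop.example.com", "customer logins", True, False, OLD), OLD),
    (Endpoint("mail.example.com", "staff e-mail", True, False, OLD, old_revoked=True), NEW),
    (Endpoint("pay.example.net", "card payments", True, True, OLD), OLD),
    (Endpoint("static.example.com", "public assets", False, False, OLD, old_revoked=True), NEW),
]

def report(inventory) -> dict:
    return {ep.host: next_actions(ep, fp) for ep, fp in inventory}

if __name__ == "__main__":
    for host, todo in report(INVENTORY).items():
        print(host, "->", "; ".join(todo) or "done")
```

In real use, `served_fingerprint()` supplies the second value of each inventory pair, so the report reflects what each endpoint is serving at the time of the check.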
Concluding Words…
• As more information becomes available, other actions will have to be considered, but with what we know so far, the above steps look like a sensible approach to me.
Sincerely,
Pere Hospital
@phospital
Also read: Cloudways’ comprehensive coverage on Heartbleed bug
