September 2, 2014

The Effect of Heartbleed on Commonly Used Small Business Websites

heartbleed affected sites
Small Biz Technology Publisher Channel Content by
Small Biz Technology

As you might know by now, Heartbleed is a security flaw that enables unauthorized users to access your encrypted information. When you visit a website through a “secure connection,” in theory the information is encrypted and can’t be accessed.

According to CNN:

“Cybercriminals could exploit the bug to access visitors’ personal data as well as a site’s cryptographic keys, which can be used to impersonate that site and collect even more information.”

Just do a Google search for “Heartbleed” to see what you need to do. But in short, you need to:

  • Ensure that the websites you use have fixed the Heartbleed security flaw
  • If they’ve done this, you need to then change your password.

There seem to be so many security holes, flaws and ways for unauthorized users to access your network.

Here’s What You Should Do To Be As Secure As Possible

  • Be vigilant and aware when major secure flaws are announced by the general media.
  • Sign up for security notifications from your software vendors.
  • Regularly update your computer software (browser, operating system, software).
  • Backup your data and related software and applications.
  • Train your staff (and yourself) in the basics of computer security.
  • Be vigilant and smart (don’t write your password down on a piece of paper, for example).
  • Consider “two factor authentication” to have not only a password to access your websites, but also a secret code provided on a cell phone or other 3rd party device.

Affect of Heartbleed on Commonly Used Small Business Websites

Below are some popular small business online software websites and how they have been affected by Heartbleed.

Quickbooks Online: Not affected.

GoDaddy: If you use their SSL services read this statement on what to do.

PayPal: Not affected.

Dropbox: Was affected but has patched it’s servers, although a password reset is probably needed.

Evernote: Never affected and was secure.

Asana: Was affected and fixed their servers, but you might want to change your password.

Banks: Most all banks appear to have not been affected.

Infusionsoft: Not directly affected at all, however read this thorough blog post for more details.

Heart Photo via Shutterstock

More in: 8 Comments ▼
Advertise Here

Small Biz Technology


Small Biz Technology SmallBizTechnology.com is part of the Small Business Trends Publisher Channel, and is all about helping “regular” small business owners – those who are not technically savvy – know what technology they need to boost productivity, save time, save money, increase revenue and boost customer service in their business.

8 Reactions

  1. I guess I have to be a little bit concerned as I keep a lot of my files on Dropbox. How about websites that has security measures? Should we worry that much if we don’t have that big of an audience as with those big brands?

  2. Glad to see so many proactive efforts being taken to secure users data. In today’s world data security is a big deal that can set you apart.

  3. I usually don’t comment, but I think this is a very important issue. First, the whole thing just scares me: I have recently moved my business (I analyse metrics for small companies) to the cloud from the accounting to the storage. However my cloud, tresorit was not affected (they have end to end encryption and many other things. I am really happy with them and changing dropbox seems to pay off..). However I also use Evernote to track my schedule and many other services which were actually affected – so changed my passwords as soon as they corrected the issue. What I want to say here is that changing passwords is not an optional and good to have action, but a must.

    • It is quite worrying, but the way I see it is I’m not going to lean into that worry. That’s what whoever (or people) did this wants. I’ll take the necessary measures (which I’ve done most of) and move on.

  4. This security flaw had been around for years? How did a company like Dropbox react to the news? I want to put more and more of my stuff into the cloud. Should I think of alternatives in the future?

  5. This is really widespread, isn’t it? Hmm.

    I didn’t know Dropbox was affected too. Thanks for mentioning it.

  1. Pingback: Ep 32: Heartbleed

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>



Compare your business to the industry - Try our new tool