What Security Steps Does Your Business Need to Take Following Cloudbleed?

Internet security breaches occur continuously, but most don’t have effects as far-reaching as those of the so-called Cloudbleed disaster. A Google researcher recently discovered a vulnerability in the code used by Cloudflare, which is one of the biggest Internet security firms in the world. Although the flaw in their code was tiny, it allowed for an unclear amount of sensitive data to leak out across the Internet. Many small business owners are right to question what effect Cloudbleed will have on the security of their company’s sensitive data and critical systems. While that answer is not entirely clear, the steps that small business needs to take to protect themselves.

Cloudbleed

First, let’s take a look at Cloudflare’s background. This Internet security giant has a long list of prominent clients, including Uber, 1Password, FitBit and OKCupid. Cloudflare’s menu of products includes everything from content delivery services to protection against DDoS attacks. So it is ironic that, given that many of Cloudflare’s services center around security, Google researcher Tavis Ormandy recently identified a vulnerability in Cloudflare’s code that causes bits of data to leak during certain processes; this leaked data includes everything from hotel bookings and chat messages to password manager data. In plain English, the leak occurred because Cloudflare’s software had to find a place to store user data once the correct location filled up. Instead of going where it should, Cloudflare’s leaked data ended up being stored on unsecured (and unrelated) webpages.

Knowing all of this, what steps should you take to secure your business’ sensitive data and critical systems? First, don’t bother trying to figure out if your passwords were among those compromised. While CloudFlare says that only a small amount of secure data was leaked, the vulnerability that allowed for this data leak lay undiscovered for six months; no one can say for certain how much data or which data was actually leaked. Furthermore, the nature of the leak means that lots of data may still be exposed even after Cloudflare has patched the issue, and even sites which are not Cloudflare clients could have some compromised data lurking on their servers. In short, trying to determine what sensitive data may have been exposed is a wild goose chase.

What your business should do is proceed as though your information may have been compromised. All of your employees should immediately change all passwords. Log out of any mobile applications after changing your passwords and then log back in. Most importantly, if you don’t already have two-factor authentication implemented, doing so should be your next step; two-factor authentication is not fail-safe, but it will offer your company the best line of defense against hacking.

Do you have questions about whether or not your business’ security protocols are robust enough to withstand threats?

Our experts can help you evaluate the cybersecurity risks your business faces. Contact us today at (954) 717-1990 or sales@laninfotech.com.

Used by permission

Fort Lauderdale Computer Networks
Network Services in Fort Lauderdale
Network Consulting in Fort Lauderdale
Fort Lauderdale Data Backup
Data Security Fort Lauderdale
 
Client Feedback

“LAN Infotech has been an exceptional resource for our organization. They provide consistent knowledgeable network engineers, round the clock monitoring and are invaluable in our IT infrastructure decision-making process. Their level of customer service has been top-notch and exceeds our expectations – we look forward to a continued partnership with LAN Infotech.”

—Janice M. Pennington
Vice-President of Finance & Administration
National Multiple Sclerosis
Society South Florida Chapter
read more»

Featured IT Services Fort Lauderdale Articles

LAN Infotech Recognized as Leading Microsoft Marketing Partner Worldwide

The team of IT specialists from LAN Infotech are thrilled to announce that they have been recognized on Fifty-Five and Five’s Inbound Marketing Excellence Report as one of the top 250 Microsoft mark

Read more

Featured IT Services

IT Consulting Advice for Fort Lauderdale: Taking Care of Your Employees Is Taking Care of Your Business!

Quid Pro Quo An IT consulting firm in Fort Lauderdale will usually advise that you get what you give. This is the core principle which defines most working relationships. The employer gives the em

Read more

Featured IT Services

IT Services Business Advice: Do You Really Need a Management Consultant in Fort Lauderdale?

Eliminate the Middleman IT services in Fort Lauderdale need not cost an arm and a leg to provide services your own organization could source internally. You want a consultation agency willing to he

Read more

Featured IT Services