The Heartbleed Flaw: Best Practices for End Users

  • 371 views
Uploaded on

The Heartbleed flaw has led to considerable concern among end users regarding what they need to do next. In this presentation, Elastica CTO Dr. Zulfikar Ramzan provides guidance on what end users need …

The Heartbleed flaw has led to considerable concern among end users regarding what they need to do next. In this presentation, Elastica CTO Dr. Zulfikar Ramzan provides guidance on what end users need to do to best safeguard their data.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
371
On Slideshare
0
From Embeds
0
Number of Embeds
2

Actions

Shares
Downloads
9
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Zulfikar Ramzan, PhD, MIT Chief Technology Officer Elastica
  • 2. 1 CHECK SITE SAFETY Check any site where you enter confidential data that you don’t want to share publicly
  • 3. CHECK SITE SAFETY https://filippo.io/Heartbleed/ 1
  • 4. 2 UPDATE PASSWORD If the site has implemented the Heartbleed patch, then log in and change your password
  • 5. 2 Image source: marc falardeau http://goo.gl/CsPgO4 If you change your password and the site hasn’t been patched, then you’re giving a hacker a new password
  • 6. 3 GUIDELINES FOR PASSWORDS Length | Complexity
  • 7. 3 LENGTH  Passwords should be at least 8 characters long  A strong password is 12-14 characters long COMPLEXITY  Passwords should be a combination of letters, numbers, symbols, upper and lower case
  • 8. 4 HOW TO BEGIN
  • 9. 4 Email Provider: First, change the password for your main email provider. If your email password is compromised, other passwords can be easily accessed. Critical services: Second, change the passwords for sites that store critical data like banks and financial institutions. Many institutions already have safeguards in place against fraudulent transactions. Update software: A good practice is to update to the latest versions of software.
  • 10. 5 BEWARE
  • 11. 5  Don’t assume that your data is safe.  Beware of fraudulent mails offering instant patches.  Be vigilant, don’t let attackers take advantage of your nervousness.  Preferably avoid using outdated software as they are more vulnerable to threats.  Be aware of threats from data breaches, malwares and malicious software.
  • 12. Thank you.