0
HOW TO PROTECT YOUR
ONLINE BUSINESS FROM
HEARTBLEED BUG?
My Name is Pere Hospital
 IT Security Expert &
Cloud Specialist -
CISSP, OSCP
Certified.
 Founder, Cloudways
(Managed Cl...
Why Heartbleed Bug is a Big Deal ?
According to CNN:
 Two thirds of the web sites and applications that allow you to
do o...
So, How to Protect Yourself
From Heartbleed Bug?
If you are focusing on WHAT TO DO about it
(especially if you have an onl...
Step 1
 Carefully assess what is the level of sensitivity
of the data that you have been “protecting” via
SSL. (Find out ...
Step 2
 Consider that there may be sensitive
information that you are outsourcing already
(i.e. to payment providers). In...
Step 3
 Once you have gathered the relevant
information, you need to decide about taking
any further actions.
Step 4
 The very first thing you need to do is rebuild
your defenses, so you need to re-issue your
SSL certificates. Then...
Step 5
 Finally, you need to assess which kind of
sensitive information you were “protecting” via
SSL and act accordingly...
Concluding Words…
 As more information becomes available, other
actions will have to be considered, but with
what we know...
Upcoming SlideShare
Loading in...5
×

How To Protect Your Business From Heartbleed Bug?

1,276

Published on

If you have an online business and you use OpenSSL, then you should take these measures to protect your business from Heartbleed bug.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,276
On Slideshare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
24
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "How To Protect Your Business From Heartbleed Bug?"

  1. 1. HOW TO PROTECT YOUR ONLINE BUSINESS FROM HEARTBLEED BUG?
  2. 2. My Name is Pere Hospital  IT Security Expert & Cloud Specialist - CISSP, OSCP Certified.  Founder, Cloudways (Managed Cloud Hosting Platform)  Find me on Twitter: @Phospital
  3. 3. Why Heartbleed Bug is a Big Deal ? According to CNN:  Two thirds of the web sites and applications that allow you to do online banking or communicate privately through e- mail, voice, or instant messaging use OpenSSL to protect your communications.  That is why a bug in OpenSSL that can render the private information you are transmitting across the wire, visible to attackers. And this is a very big deal.
  4. 4. So, How to Protect Yourself From Heartbleed Bug? If you are focusing on WHAT TO DO about it (especially if you have an online business of any kind). This is an overview of what I would suggest. 5-Step Strategy
  5. 5. Step 1  Carefully assess what is the level of sensitivity of the data that you have been “protecting” via SSL. (Find out how many SSL certificates you have and where you are using them and to protect what).
  6. 6. Step 2  Consider that there may be sensitive information that you are outsourcing already (i.e. to payment providers). In this case, you will have to ask them, what they have done about this bug, and how they have protected the sensitive data they handle on your behalf.
  7. 7. Step 3  Once you have gathered the relevant information, you need to decide about taking any further actions.
  8. 8. Step 4  The very first thing you need to do is rebuild your defenses, so you need to re-issue your SSL certificates. Then, replace the old ones with the newly-issued certificates. Most importantly, you should revoke all the old certificates to ensure that no other (future) data can be intercepted.
  9. 9. Step 5  Finally, you need to assess which kind of sensitive information you were “protecting” via SSL and act accordingly (i.e. resetting user passwords, changing credentials in third party services—and the list continues).
  10. 10. Concluding Words…  As more information becomes available, other actions will have to be considered, but with what we know so far, above steps look like a sensible approach to me. Sincerely, Pere Hospital @phospital Also read: Cloudways’ comprehensive coverage on Heartbleed bug
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×