There has been a lot of talk in the news recently about Internet security. First and foremost has been the Heartbleed bug. Heartbleed exploits a flaw in the open source system that secures individual websites. You will notice when you browse that some website locations begin with HTTPS rather than HTTP. Secure sites use HTTPS. Sometimes you also see the little padlock. Well it turns out that in some instances that padlock was no lock at all.
So what is a person to do? Well, if you visit websites belonging to entities like banks, stores, e-mail providers or, come to think of it, just about any website, you need to think about changing your passwords, now and on a regular basis. Before changing your password for any particular website, discern whether they have updated their security to eliminate the Heartbleed bug. Most websites using security have indicated on their website whether they have made the update (or needed to; some did not). Once the website has eliminated the bug, change your password. Here are some tips on adequate password management. At base, choose difficult passwords, and do not use the same password across multiple websites. Use a password managers like Lastpass to manage your passwords.
If someone figures out your username and password for your e-mail account, they may, among other things, hijack your e-mail account to send out malicious e-mails that attempt to draw the recipient to websites from which malicious code can be launched and their computer infected. We seem to be receiving a rash of messages from hacked e-mail accounts lately. Here are some tips on how to deal with your e-mail account if it has been hacked. Please feel free to share.
For many of its clients, GoatCloud manages the website, and takes many steps to keep your website secure. If you are managing your own website, make sure that you or someone else is keeping security software up to date and monitoring the site for any problems. If your site gets hacked, the bad guys not only can take it down, or use it to infect visitors’ computers, but also service providers such as Google can blacklist your site, which can be a search engine hole that is very hard to get out of.
Please let us know if you have any questions, and “Hey, let’s be careful out there.”
Photo credit: Security S-1A posted in Flickr Commons by SDASM Archives