You have likely heard of the Heartbleed bug, which gained notoriety earlier this month after Neel Mehta of Google's security team reported it on April 1. The bug contains serious issues regarding the implementation of the Transport Layer Security Heartbeat Extension. Essentially, it's a vulnerability in Open SSL that allows hackers to view encrypted data.
The reason this is such a big issues is because Open SSL is a program used by roughly 67 percent of the internet. It's designed to scramble content so those who shouldn't have access to it won't be able to see it. Many prominent sites use Open SSL, which means there is a chance the average online user has a social security number, credit card data or other extremely sensitive information available to view in an unencrypted format by anyone who wants to see it.
Since this discovery, the top software and security professionals have been hard at work developing a fix. In some cases, the worst may be behind us, but others have questioned the scale and scope of the issue. Jason Steer, director of Technology Strategy at FireEye, spoke with the Daily Telegraph about this issue.
The problem, he said, is that Open SSL is prominent in a number of online applications. Even if your traditional website is not affected, there are many other places where it could.
"Open SSL is so ubiquitous today that it is hard to think of where it is not used for secure transmission of information, software updates," he said. "Open SSL is found in so many things, virtual private networks, email encryption, instant messaging, Voice over Internet Protocol (VOIP) and many others."
The fact that VoIP or any other of your telecom solutions could be compromised by Heartbleed can be disconcerting. The advantages gained by connecting voice calls over the internet could all be mitigated if sensitive information shared and accessed during communication is compromised.
This shouldn't, however, scare away any of those interested in VoIP, but rather remind them to be cautious when using the technology. Working with a VoIP for small business provider will allow companies to manage the technology in a way that can mitigate the risk of a serious security breach.
This incident also showcases just how important it is for companies to be mindful of such events. Following best practices will help put organizations in position to combat these challenges should they arise, which will allow business owners to rest assured knowing their operations are safe and both the company and its customers are protected.