RECENT NEWS

From “This Old House” to ‘Desert Wind’ Air Dynamics leads the pack with Innovation and Technology

    • 1 air dynamics vacuum system boeing advanced aerospace manufacturing e1457640609388
As a U.S. Air Force veteran, Daniel Lehman never imagined how Bob Vila would be the inspiration for a business endeavor. Inspired after watching an episode of “This Old House” Lehman installed a centralized home-vacuum system into his own home, which led him to take that project and turn it into…

Therm-Omega-Tech: A Company on the Move

Therm-Omega-Tech, is a world leader in the design and manufacture of products using proprietary self-actuating temperature control valves.  Founded in 1983 the first product was a valve that uses thermal actuator technology to provide reliable and cost effective freeze protection to the railroad industry. The company returned to its beginnings…

Growing Solutions with Phospholutions

    • 16806902 1472309402793059 8209794932643420640 n
Hunter Swisher founded Phospholutions in the spring of 2016 while still a student majoring in plant science at Penn State. In the fall of 2015 while taking a class, he learned about a soil additive that would help plants soak up nutrients more efficiently. This technology, developed by his professor, was…

SBDC Business Continuity Alert: Heartbleed and Next Steps for Small Businesses

  • Share |

With an increasing amount of business transactions being conducted online and rising numbers of small companies using the cloud, the Pennsylvania Small Business Development Centers (SBDC) realizes that some businesses may have been affected by the recent Heartbleed security vulnerability.  Below are some helpful tips and next steps for business owners and employees who manage their company’s online presence.

What is Heartbleed?

Heartbleed is located in the Open-Secure Sockets Layer (SSL) software library.  This bug allows for the stealing of usually protected information by the SSL/TLS (Transport Layer Security) encryption used to secure the internet.  The Heartbleed vulnerability was first noticed in March of 2012 and has left the entire nation vulnerable for the past two years.  Nearly five hundred thousand sites, deemed secure, were left susceptible to Heartbleed, including Twitter, Tumblr, Dropbox, Gmail, and YahooMail. 

Does My Company Have to Worry About Heartbleed?

When Heartbleed was made public, simultaneously a new, secure version of the OpenSSL was released; therefore, allowing major services like Google and Yahoo to update and patch their systems immediately. Check with the online vendors and websites used by your business and ask if they have fixed the Heartbleed vulnerability, if they have, change your password.  You only need to change the password on websites that were vulnerable, or websites that used the same credentials as the vulnerable site.  

What Can My Company Do Going Forward?

  • Change your password for your online business bank account
  • Be vigilant and aware when major security flaws are announced by the general media
  • Sign up for security notifications from your software vendors
  • Regularly update your computer software (browser, operating system, software)
  • Backup your data and related software and applications
  • Train your staff in the basics of computer security
  • Be vigilant and smart (don’t write your password down on a piece of paper, for example)
  • Consider “two factor authentication” to have not only a password to access your websites, but also a secret code provided on a cell phone or other 3rd party device

Where Can I Find More Information?

For more information on the Heartbleed Bug, go to www.heartbleed.com and for a list of affected service providers and their recommendations, click here.

Pennsylvania SBDC Business Continuity & Survival Services available to small businesses include confidential consulting on topics such as creating business continuity plans, assessing cloud services and data back-up, and growing sales through new markets to diversify revenue streams.  Small businesses interested in personalized no-fee consulting on critical business areas should contact their local SBDC for assistance. 

Sources:

“The Effect of Heartbleed on Commonly Used Small Business Websites” Small Business Trends, April 15, 2014 [http://smallbiztrends.com/2014/04/heartbleed-affected-sites.html]

The Heartbleed Bug [http://heartbleed.com/]

“The Heartbleed Hit List: The Passwords You Need to Change Right Now” Mashable, April 9, 2014 [http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/]

“Addressing the #heartbleed panic: advice for small business owners” Kapersky Lab, April 14, 2014 [http://business.kaspersky.com/addressing-the-heartbleed-panic-advice-for-small-business-owners-2/]