RECENT NEWS

Bucknell University SBDC Holds 2017 Celebration of Small Business

  • Share |
    • stumbris award isaac moore
On Friday, July 21, 2017 the Bucknell University SBDC held is annual Celebration of Small Business on Bucknell's campus in Lewisburg, Pennsylvania. During the breakfast, four awards were given to the following exemplary small business owners: InnovateHER Business Challenge Bucknell SBDC Regional Winner: Kaitlin Schuck, Threading Love, Recognizing her efforts and…

Want to Commercialize your Technology? Learn How at the 2017 SBIR Workshop in Villanova

    • solar panels
Are you a small business owner or an entrepreneur in the technology sector looking for opportunities to fund development of an innovative technology? If you want to commercialize your technology, The Small Business Innovation Research (SBIR) program can help.   As a highly competitive awards-based program, SBIR provides funding for innovators…

"Meet the Lenders" Event For Local Entrepreneurs Slated for October 5 in Philadelphia

    • handshake close up of executives 1098 1384
On October 5, 2017, the U.S. Small Business Administration’s Eastern Pennsylvania District will be participating in a lender outreach event hosted by SCORE. Together, they bring “Meet the Lenders” Borrowing Matchmaking, a networking event designed to connect small business owners and entrepreneurs with resource partners and lenders in an engaging…

SBDC Business Continuity Alert: Heartbleed and Next Steps for Small Businesses

  • Share |

With an increasing amount of business transactions being conducted online and rising numbers of small companies using the cloud, the Pennsylvania Small Business Development Centers (SBDC) realizes that some businesses may have been affected by the recent Heartbleed security vulnerability.  Below are some helpful tips and next steps for business owners and employees who manage their company’s online presence.

What is Heartbleed?

Heartbleed is located in the Open-Secure Sockets Layer (SSL) software library.  This bug allows for the stealing of usually protected information by the SSL/TLS (Transport Layer Security) encryption used to secure the internet.  The Heartbleed vulnerability was first noticed in March of 2012 and has left the entire nation vulnerable for the past two years.  Nearly five hundred thousand sites, deemed secure, were left susceptible to Heartbleed, including Twitter, Tumblr, Dropbox, Gmail, and YahooMail. 

Does My Company Have to Worry About Heartbleed?

When Heartbleed was made public, simultaneously a new, secure version of the OpenSSL was released; therefore, allowing major services like Google and Yahoo to update and patch their systems immediately. Check with the online vendors and websites used by your business and ask if they have fixed the Heartbleed vulnerability, if they have, change your password.  You only need to change the password on websites that were vulnerable, or websites that used the same credentials as the vulnerable site.  

What Can My Company Do Going Forward?

  • Change your password for your online business bank account
  • Be vigilant and aware when major security flaws are announced by the general media
  • Sign up for security notifications from your software vendors
  • Regularly update your computer software (browser, operating system, software)
  • Backup your data and related software and applications
  • Train your staff in the basics of computer security
  • Be vigilant and smart (don’t write your password down on a piece of paper, for example)
  • Consider “two factor authentication” to have not only a password to access your websites, but also a secret code provided on a cell phone or other 3rd party device

Where Can I Find More Information?

For more information on the Heartbleed Bug, go to www.heartbleed.com and for a list of affected service providers and their recommendations, click here.

Pennsylvania SBDC Business Continuity & Survival Services available to small businesses include confidential consulting on topics such as creating business continuity plans, assessing cloud services and data back-up, and growing sales through new markets to diversify revenue streams.  Small businesses interested in personalized no-fee consulting on critical business areas should contact their local SBDC for assistance. 

Sources:

“The Effect of Heartbleed on Commonly Used Small Business Websites” Small Business Trends, April 15, 2014 [http://smallbiztrends.com/2014/04/heartbleed-affected-sites.html]

The Heartbleed Bug [http://heartbleed.com/]

“The Heartbleed Hit List: The Passwords You Need to Change Right Now” Mashable, April 9, 2014 [http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/]

“Addressing the #heartbleed panic: advice for small business owners” Kapersky Lab, April 14, 2014 [http://business.kaspersky.com/addressing-the-heartbleed-panic-advice-for-small-business-owners-2/]