RECENT NEWS

Growing Solutions with Phospholutions

    • 16806902 1472309402793059 8209794932643420640 n
Hunter Swisher founded Phospholutions in the spring of 2016 while still a student majoring in plant science at Penn State. In the fall of 2015 while taking a class, he learned about a soil additive that would help plants soak up nutrients more efficiently. This technology, developed by his professor, was…

Evolve Build: Wharton SBDC Programs Help Serial Entrepreneur Redefine Renewable Energy

  • Share |
    • story evolvebuild
Michael Sebright loves to start and build businesses, literally. Through his company Energy Reconsidered and his partnership with Evolve Build, he continues to find new ways to conserve and renew energy in Greater Philadelphia.     Ironically, one of Mr. Sebright’s strengths that contribute to his success is his tolerance…

The Secret Tradition Continues: Santinoceto's Market

    • 15170755 346815299007916 3034104713138242140 n
Santinoceto’s Italian Market celebrated its grand opening on March 4, 2016. However, the Santinoceto family name is far from new to the Clearfield area. Nick Santinoceto’s grandparents, Joseph and Mary, opened an Italian market in 1931. Joseph passed away in 1959, but his wife kept the market open until 1984. Nick…

SBDC Business Continuity Alert: Heartbleed and Next Steps for Small Businesses

  • Share |

With an increasing amount of business transactions being conducted online and rising numbers of small companies using the cloud, the Pennsylvania Small Business Development Centers (SBDC) realizes that some businesses may have been affected by the recent Heartbleed security vulnerability.  Below are some helpful tips and next steps for business owners and employees who manage their company’s online presence.

What is Heartbleed?

Heartbleed is located in the Open-Secure Sockets Layer (SSL) software library.  This bug allows for the stealing of usually protected information by the SSL/TLS (Transport Layer Security) encryption used to secure the internet.  The Heartbleed vulnerability was first noticed in March of 2012 and has left the entire nation vulnerable for the past two years.  Nearly five hundred thousand sites, deemed secure, were left susceptible to Heartbleed, including Twitter, Tumblr, Dropbox, Gmail, and YahooMail. 

Does My Company Have to Worry About Heartbleed?

When Heartbleed was made public, simultaneously a new, secure version of the OpenSSL was released; therefore, allowing major services like Google and Yahoo to update and patch their systems immediately. Check with the online vendors and websites used by your business and ask if they have fixed the Heartbleed vulnerability, if they have, change your password.  You only need to change the password on websites that were vulnerable, or websites that used the same credentials as the vulnerable site.  

What Can My Company Do Going Forward?

  • Change your password for your online business bank account
  • Be vigilant and aware when major security flaws are announced by the general media
  • Sign up for security notifications from your software vendors
  • Regularly update your computer software (browser, operating system, software)
  • Backup your data and related software and applications
  • Train your staff in the basics of computer security
  • Be vigilant and smart (don’t write your password down on a piece of paper, for example)
  • Consider “two factor authentication” to have not only a password to access your websites, but also a secret code provided on a cell phone or other 3rd party device

Where Can I Find More Information?

For more information on the Heartbleed Bug, go to www.heartbleed.com and for a list of affected service providers and their recommendations, click here.

Pennsylvania SBDC Business Continuity & Survival Services available to small businesses include confidential consulting on topics such as creating business continuity plans, assessing cloud services and data back-up, and growing sales through new markets to diversify revenue streams.  Small businesses interested in personalized no-fee consulting on critical business areas should contact their local SBDC for assistance. 

Sources:

“The Effect of Heartbleed on Commonly Used Small Business Websites” Small Business Trends, April 15, 2014 [http://smallbiztrends.com/2014/04/heartbleed-affected-sites.html]

The Heartbleed Bug [http://heartbleed.com/]

“The Heartbleed Hit List: The Passwords You Need to Change Right Now” Mashable, April 9, 2014 [http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/]

“Addressing the #heartbleed panic: advice for small business owners” Kapersky Lab, April 14, 2014 [http://business.kaspersky.com/addressing-the-heartbleed-panic-advice-for-small-business-owners-2/]