123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Computers >> View Article

Heartbleed Causes Cloud Security Woes

Profile Picture
By Author: Skyhighnetworks
Total Articles: 54
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

Revelations about the OpenSSL vulnerability Heartbleed raised new concerns this week about the security of major cloud providers Amazon, Microsoft, and Google. While the focus so far has been on consumers and sites they use, many companies are equally at risk since cloud services using SSL to secure data and account credentials. “The threat posed by Heartbleed is the biggest breach we’ve dealt with this year,” Jason Hoff, Director of Security at Amarin Pharmaceuticals said.

Heartbleed is a vulnerability in OpenSSL, the encryption used to protect data transmitted between end users and web providers or cloud services. A simple exploit allows an attacker to view data unencrypted, including the contents of messages and even usernames, passwords, and encryption keys. Using these tools, an attacker could compromise an account, or even impersonate a cloud provider, which is a big problem for Cloud Security in an industry faced with tough questions over whether it can meet the security requirements of enterprise customers.

Skyhigh Networks, a cloud security provider did ...
... research across thousands of cloud providers and found that 368 services are still vulnerable to the Heartbleed bug, even 24 hours after the problem was first widely publicized. Across 175 companies, the survey found that 96% of companies were using at least one service vulnerable to Heartbleed, including the leading CRM, HR, ERP, marketing, analytics, and backup cloud providers.

Many companies still need to assess their exposure to Heartbleed including data that may have been compromised in cloud services used by employees. There are several steps companies need to take in order to find out what their risk is, and then remediate any potential damage to improve their Cloud Security. First, they need to identify which cloud providers they use were impacted by Heartbleed. Second they need to identify when the provider has patched the bug and then change their passwords.

Going forward, many corporate IT departments are looking for steps to proactively prevent these types of breaches. One approach is using multi-factor authentication. When enabled, users login using their username and password, then they must enter another pass phrase or code, generated by a small device or phone, or sent to them via text message. An attacker with just a username and password, but without access to the mobile phone would be unable to login to an account.

Author :

Skyhigh Networks, the Cloud Security Services company, enables companies to embrace Cloud Security Services with appropriate levels of security, compliance, and governance while lowering overall risk and cost. With customers in financial services, healthcare, high technology, media, manufacturing, and legal verticals, the company was a finalist for the RSA Conference 2013 Most Innovative Company award and was recently named a "Cool Vendor" by Gartner, Inc. Headquartered in Cupertino, Calif., Skyhigh Networks is led by an experienced team and is venture-backed by Greylock Partners and Sequoia Capital. For more information, visit us at http://www.skyhighnetworks.com or follow us on Twitter@skyhighnetworks.

Total Views: 588Word Count: 488See All articles From Author

Add Comment

Computers Articles

1. Why Identity Governance Misses Risk Even When Everything Is Reviewed
Author: Soham Biswas

2. Enhance Operational Reliability With A Cloud Temperature Monitoring System For Continuous Equipment Protection
Author: Chris Miller

3. How Mobile Apps Help You Win The Competitors Market
Author: brainbell10

4. Clear Plans And Smooth Permits With Itechlance It Pvt. Ltd. – Cad Help And Telecom Permitting
Author: Itech Lance

5. How To Build A Smart Home? App Step-by-step Guide
Author: brainbell10

6. Smart Mapping For Better Projects With Itechlance It Pvt. Ltd. – Utility Mapping And Gis Help
Author: Itech Lance

7. Can A Custom Computer Improve Gaming Performance?
Author: Jack Williams

8. How To Build A Simple Auction Website Using Woocommerce?
Author: brainbell10

9. Why Call Center Productivity Metrics Are Misleading And What To Track Instead
Author: Aiwi Team

10. Why Employee Productivity Drops In Remote Teams & How To Fix It
Author: Aiwi Team

11. Ciam For Government: Why Commercial Identity Platforms Fail
Author: Soham Biswas

12. Youtube To Mp3 Converter - Fast & Free Mp3 Downloader Tools Online
Author: Emliykerr

13. Need Reliable Professional Chemical Supply And Distribution Services? Discover How Roteschemies Helps Businesses Source With Confidence
Author: Roteschemies

14. Insights And Tips For Marketing Websitesinsights And Tips For Marketing Websites
Author: brainbell10

15. Spark Matrix™: Cloud Access Security Broker (casb)
Author: Umangp

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: