Heartbleed and why backup is as necessary in the age of SaaS as ever before

Friday, April 11th, 2014

The OpenSSL vulnerability dubbed Heartbleed (the real name is CVE-2014-0160) that shocked the world earlier this week, may have been effectively dealt with in in most large SaaS services by now.

Google announced on April 9 that most services, including Google Apps, were patched and secured.

Salesforce patched already April 7.

Microsoft determined that Office 365 and other Microsoft services were not affected.

AWS, that Cloudfinder uses, released update and patch information on April 8.

VeriSign, that Cloudfinder also uses, released this recommendation on April 9.

From our perspective, the above items are the most important to relate to. We’ve followed all recommendations and keep following the developing story.

Now to the point of backup. Even if Heartbleed is now hopefully stopped from affecting major services going forward, we have to consider that a large number of hacked accounts in e.g. Google Apps may have experienced silent, virtually untraceable data loss. Hacked user accounts may have had important information deleted, out of  bad intent, unintended consequences or simply a desire to sabotage for others.

Who could have thought this could happen to major SaaS solutions?

Well, we could. That’s why we built Cloudfinder, and that’s why, if your organisation keeps important data in Google Apps, Salesforce or Office 365 (and you’re not our customers already) you may want to give us a call, right now.

When a major incident like Heartbleed strikes, there are two things you need to consider:

  1. Is your data securely replicated in a second location, where it can not be touched by any script, virus or manual action taken against it in the original location?
  2. If a service you are keeping your data in is permanently wiped out, or unavailable to you as a user, how can your data still be available to you in a functional format, ready to be used in a temporary emergency service, or a new (rather urgently decided…) primary service?

This, and much more, is exactly what you get from Cloudfinder.

That’s why we hope to hear from you soon, before the next Heartbleed becomes your next Headache.



Comments are closed.