Friday, April 11th, 2014
The OpenSSL vulnerability dubbed Heartbleed (the real name is CVE-2014-0160) that shocked the world earlier this week, may have been effectively dealt with in in most large SaaS services by now.
Google announced on April 9 that most services, including Google Apps, were patched and secured.
Salesforce patched already April 7.
Microsoft determined that Office 365 and other Microsoft services were not affected.
VeriSign, that Cloudfinder also uses, released this recommendation on April 9.
From our perspective, the above items are the most important to relate to. We’ve followed all recommendations and keep following the developing story.
Now to the point of backup. Even if Heartbleed is now hopefully stopped from affecting major services going forward, we have to consider that a large number of hacked accounts in e.g. Google Apps may have experienced silent, virtually untraceable data loss. Hacked user accounts may have had important information deleted, out of bad intent, unintended consequences or simply a desire to sabotage for others.
Who could have thought this could happen to major SaaS solutions?
Well, we could. That’s why we built Cloudfinder, and that’s why, if your organisation keeps important data in Google Apps, Salesforce or Office 365 (and you’re not our customers already) you may want to give us a call, right now.
When a major incident like Heartbleed strikes, there are two things you need to consider:
This, and much more, is exactly what you get from Cloudfinder.
That’s why we hope to hear from you soon, before the next Heartbleed becomes your next Headache.