Alert on the ‘HeartBleed’ Electronic Virus
As some of you may already know, two days ago a major vulnerability on certain websites was announced. The vulnerability known as “HeartBleed”, allows anyone on the Internet to read protected information and hijack encryption keys. These keys allow for the safe communication of information across the Internet.
The security and protection of dentists’ information is of utmost importance. Through best practices and the implementation of best of breed technologies, CDA, with its technical arm Continovation Services Inc. (CSI), have ensured that their users are safe from this threat. The ITRANS Claim Service and the eReferral Service, as well as their collocation facilities, have not been impacted by this recent threat.
From leading security firm Symantec, the following are some steps businesses and consumers should take to protect themselves:
For Dental Practices
- Ask your IT consultant to review systems within the office that use OpenSSL 1.0.1 through 1.0.1f. If they exist, they should update to the latest fixed version of the software (1.0.1g), or recompile OpenSSL without the heartbeat extension.
- Businesses should also replace the certificate on their web server after moving to a fixed version of OpenSSL.
- Finally, and as a best practice, businesses should also consider resetting end-user passwords that may have been visible in a compromised server memory.
For consumers
- Should be aware their data could have been seen by a third party if they used a vulnerable service provider.
- Monitor any notices from the vendors you use. Once a vulnerable vendor has communicated to customers that they should change their passwords, users should do so immediately.
- Avoid potential phishing emails from attackers asking you to update your password – to avoid going to an impersonated website, stick with the official site domain.
For more information click here