to main page send e-mail Last Updated:  Monday, October 22, 2018
EUROMOVERS International

The independent voice of the global moving industry


Changing passwords won’t beat Heartbleed Bug

Jun 23, 2014
As details emerge about a software flaw that allows attackers to steal information, including cryptographic keys, from servers, KPMG’s Stephen Bonner argues that panicking consumers into changing their passwords is not necessarily the right response.

Instead, he suggests that organisations hosting sensitive information should identify the weak points in their web footprint and fix these, before advising customers on the appropriate action to take.

Bonner, a partner in KPMG’s Information Protection and Business Resilience team, said, “Too much credence is being given to the idea that the Heartbleed Bug can be beaten if customers change the passwords they use to shop and communicate online. It’s an easy option, but one that ignores the real questions around what businesses should be doing to safeguard their Internet footprint.”

 “The web is a world without borders, meaning that companies must map their entire online presence, identify where vulnerabilities exist and work with their software suppliers to ensure the Heartbleed Bug is blocked at any point of entry.  After all, the software flaw may have a fix available, but it’s only when every gateway is guarded with the relevant patch that customer password changes will be effective.  The fact remains that if passwords are changed beforehand they are just as vulnerable.”

 “If a company identifies vulnerabilities, the next step should be to assess the impact and take action to protect any sensitive data.  If they find that they are secure, logic suggests that customers should be assured this is the case.  After all, having different passwords on each service and changing them on a regular basis makes good sense, but the rush to urge immediate action creates a sense of panic that helps no one.”

Photo: Businesses need to look beyond simple password changes to beat the Heartbleed Bug.

     Unique page views September 2018
     List of advertisers
     Directory of suppliers
     Sign up to our monthly newsletter
Aviomar S.A.S.
  Maxi Mover - low floor Luton van sales
Cookies: This site uses non-invasive cookies to provide an enhanced visitor experience and to measure site performance.  By viewing this website you are agreeing to our use of cookies in this manner.  For further information on how cookies are used on this site, please see our privacy policy.
Privacy Policy  |  Terms of Use  All material © 2011 The Words Workshop Ltd.