We’ve heard a lot about the Heartbleed Vulnerability in the news lately. There’s a reason for that: it affects up to two thirds of websites online and could make the security of your usernames and passwords on a variety of websites compromised. That, of course, could lead to your personal information, banking information, and other stuff you don’t want shared publicly.
We’ll start with the good news: MemberClicks users won’t have a problem. Our customers’ information is secure.
Why is that? The Heartbleed Vulnerability affects websites that use OpenSSL, which is an encryption tool used for the security of user names and passwords among other things. OpenSSL is widely used by sites like Yahoo, Google and GoDaddy. Most of those big websites have jumped on security upgrades to protect users themselves, adding patches and extra layers of protection. You can probably go to any website you’re concerned about and see a press release about it.
MemberClicks does not use OpenSSL. Our encryption is performed another way that hasn’t been touched by the Heartbleed Vulnerability.
That’s a relief, right? Well your member data is secure through us, but you should still take a second and change your passwords on other sites. If someone were crafty enough, they could lift your user name and password and get into other accounts. Let’s be honest: how many of those passwords do you reuse (even though you probably shouldn’t?)
Here’s a list of major websites affected, but it’s a good practice to change your passwords every so often, like every few months, anyway. Don’t forget those mobile devices, as this affects many apps that are used primarily, if not exclusively, on smart phones and tablets.
Take a moment and click on the links at the bottom of this blog and read up about Heartbleed. If you still have questions, try searching for ‘Heartbleed’ and the name of the service you’re worried about. Most major websites have been very clear on how they’re dealing with the vulnerability if it affects them and regularly releasing security updates.
So how can you be sure yours and your members’ data is safe in the future? There seems to be a new computer virus popping up and affecting everyone every few months. Sadly, that’s not an exaggeration. Computer hackers are getting better and better, but the good news is so are websites, software providers, and security services.
Here are some things you can do right now to prevent and protect yourself against future data breeches:
-Change those passwords, and set reminders to change them again regularly. Make them strong with a mix of upper and lower case letters, special characters like @,#, and $ and a good mix of numbers. NEVER use personal information like addresses, names, or phone numbers as passwords, even if you mix up characters.
-Check your AMS’ security. That information should be available on your AMS' website, but a call to customer service is often worth it for peace of mind. To read more about MemberClicks' security, click here.
-Be on the safe side and back up your data, or find out what happens to your data if your computer is compromised.
-If it’s not already, secure your WiFi with a password and be careful about your browsing when on free public WiFi
-You’ve heard it a million times, but don’t click on links that are unfamiliar or unexpected, even if it’s from a friend or colleague. If the language looks strange or the email seems random double check it’s authenticity or just delete it entirely.
Click on the links below for additional tips and suggestions for dealing with this vulnerability. If you have questions about MemberClicks and Heartbleed, please don’t hesitate to get in touch with us! Send us an email at email@example.com.
Important Links to Read:
Heartbleed and MemberClicks: https://help.memberclicks.com/entries/32029230-Information-on-the-Heartbleed-Security-Bug
Heartbleed and OpenSSL information: http://www.inferse.com/14435/heartbleed-bug-openssl-everything-need-know/
A quick overview of the passwords you need to change right now: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
Ernie Smith’s Associations Now article on the issue: http://associationsnow.com/2014/04/spillover-heartbleeds-big-lessons-one-drop-time/