News of the “Heartbleed bug” has been sweeping the Internet recently, and some reports make it seem as big and scary as Y-2k (remember that one?). While no one is stock-piling water this time the bug has prompted a big push for tightened Internet security. Even the ABA has gotten involved. But rather than give in to the hype, let’s take a look at what Heartbleed really is. Then you can take some easy, if tedious, steps to protect yourself, your Internet identity, and your blog.
What is Heartbleed?
The Heartbleed bug is a computer programming error in the OpenSSL software used to encrypt many mid-security sites (where you have to enter a username and password to access content). The web-comic xkcd.com explains the technical side of the bug in a great image reposted here.
What Does It Mean for You?
The good news is the developers of OpenSSL found the bug before anyone reported hackers taking advantage of it. The bad news is that major Internet services and legal industry services use OpenSSL. While most of the biggies were quick to fix the bug, there was a period of time when your information was vulnerable.
What Should You Do Now?
In the words of Douglas Adams, “Don’t Panic!” The Internet is not going to explode and your data is probably safe and secure. But now might be a really good time to take a couple extra steps to protect it. In fact, the ABA opines it may be your ethical duty if you keep client data in the cloud (like on Box or Dropbox).
Step 1: Change your passwords.
Yes I know it’s annoying to try to remember everywhere you sign in, but at the very least change your password on your email account, cloud backup account, and social media accounts.
Step 2: Use a Password Manager
If you’re concerned about security or just don’t want to have to think up a lot of strong passwords, consider installing and using a Password Manager like LastPass, 1Password, PasswordBox, and KeePass.
Step 3: Encrypt Your Hard Drive
This extra level of protection will ensure data security whether your computer is connected to the Internet or not. Lawyerst.com provides more information and instructions on how to do it.
Step 4: Use 2-Factor Authentication
WordPress, Google, and other key Internet sites now offer a process to verify your identity. When you try to log in to the sites they will send you a text with an authentication code. That way the site knows it is you and you know when someone tries to access your site.
It is easy to get intimidated by the fast-paced changes in Internet security. But by taking a few simple precautions, you can protect your content, data, and client information against the Heartbleed bug. If you need help protecting your blog, contact blogging coach Lisa Schmidt.