Alpha Six Security Notice: Heartbleed
-
Wednesday, 16th April, 2014
-
11:42am
At Alpha Six, we live and breathe by the security of the applications that our customers have entrusted to us. Since the news of the HTTPS Heartbleed vulnerability broke, we have been working diligently to eliminate risk from this threat.
If this is the first time you’re hearing from Alpha Six about Heartbleed, it’s because your system was not identified as “at-risk.” However we do want to inform you of the steps that Alpha Six security experts have taken to safeguard all of the data in our network:
- We completed a full network scan to identify any servers at risk due to the OpenSSL vulnerability (CVE-2014-0160)
- We completed patching of any internal infrastructure identified as at-risk
- For customers with identified at-risk systems, we sent a communication to inform them of the risk and offered to assist with the following recommended actions:
- Patching of at-risk systems
- Reissuing and provisioning of new SSL certificates
- Finally, we determined to include the Heartbleed vulnerability resolution patch in April’s monthly patching routines to ensure any remaining at-risk systems are addressed.
As you know, we take the protection of your data very seriously. Our specialized support teams are standing by to answer any questions you may have or assist you in completing the steps necessary to protect your business-critical applications from the Heartbleed vulnerability. Please do not hesitate to reach out to us via our customer portal at
http://a6.alpha-6.com/submitticket.php.
Best regards,
The Alpha Six Security Squad