A lot of news is currently being generated regarding the Heartbleed security flaw in OpenSSL. Some of our customers have inquired if we are aware and what we are doing about it.
The SmartVault team has performed an analysis of our service and determined we are not vulnerable to the HeartBleed Bug (CVE-2014-0160) in OpenSSL. SmartVault always recommends you use a unique password for each web application. If you have used a password with the SmartVault service that you also use with a service that is vulnerable to the HeartBleed bug we recommend immediately changing your SmartVault password.
Here are some common questions that we have answered for our concerned customers.
- Does SmartVault use OpenSSL?
- Is SmartVault affected by this security flaw?
- Is my data still safe?
If you have re-used your username and password between a website vulnerable to HeartBleed and SmartVault your SmartVault login could be at risk.
- Should I change my password for SmartVault?
If you have re-used your username and password between a website vulnerable to HeartBleed and SmartVault we recommend immediately changing your SmartVault password.
- What should I tell my clients?
We recommend to communicate to them their data is not vulnerable to this flaw unless they have re-used the SmartVault username and password for another site. If they have they should immediately change their SmartVault password.
SmartVault always recommends using unique passwords for each web site – especially those containing confidential data.
If you have additional questions, you'd like answered please submit your inquiry from our Contact Us page.