Discussions in this blog, like the rest of the site, do not constitute legal advice

The ‘Heartbleed’ exploit, and steps to protect you and your clients

  • April 11, 2014
  • Miles Buckingham
  • Comments Off on The ‘Heartbleed’ exploit, and steps to protect you and your clients

Have you heard of Heartbleed? Hopefully you have, and you have acted in response to the news.

Recent reports of a security flaw affecting key, ubiquitous internet-based services is a frightening reminder of the need to be proactive with security measures in a law firm. At the very least, check the lists of impacted sites, and change your passwords in use on those pages.

Services from Google, to Facebook, to Dropbox, and beyond have been subject to the exploit, and are working now to patch the problem. For users of these services, the Heartbleed exploit means more fears of compromised information, and lost or compromised data.

Take steps now to make sure your data, and the data of clients you assist, is protected. Active two-step verification, when an option. Calendar or schedule automatic password resets on all critical systems. Consider encryption. Simply assuming that your data is safe and secure is no longer a safe bet (to the extent it ever was).

Update: Lawyerist has a good discussion of the issues associated with this exploit over at their blog.