Quick Hits Friday: Security Part Deux

Now that you’ve changed all your passwords, it’s time to work on learning lessons from “Heartbleed.” Digging through our blog archives, we have some quick tip security videos to help.

We have one on data encryption, and one on mobile security. Just in case you haven’t changed all your passwords yet, check out this video on password fundamentals. Also, if you haven’t read through our 2014 Solo and Small Firm Legal Technology Guide, read this post on best security software.

All good reminders as it seems like there’s a new revelation or commentary about the “Heartbleed” bug every day.

There’s the Slashdot post on the “Responsible Disclosure Debate,” Matt Smith from Digital Trends pointing out the paltry funds of open source projects like OpenSSL despite being used by Fortune 500 companies, governments and military entities. For a monetary idea of the cost of “Heartbleed,” and all the work put into patching the hole and re-issuing certificates, read CloudFlare’s post, “The Hard Costs of Heartbleed.” Staggering:

to make the total costs more accurate, we ran the numbers using AWS’s CloudFront price calculator using a mix of traffic across regions that approximates what we see at CloudFlare. The total cost to Globalsign if they were using AWS’s infrastructure, would be at least $952,992.40/month.

Adds credence to Digital Trends argument that supporting open source projects, especially critical infrastructure ones like OpenSSL, benefits everyone not only in securing data, but in tangible monetary savings.

Good bet more news of “Heartbleed” will continue as we all take stock of what happened, how we can work to better support open source projects, security steps and what the future may hold for the Internet, security and our use of both.

About Gwynne Monahan

Gwynne Monahan
Best known by her Twitter handle, @econwriter5. Generally speaking, she is a writer posting random, perhaps interesting, things.

Check Also

Cyberattacks

Firms Go on the Defense in the Face of Cyberattacks

While 2016 was a rough year for data breaches and cyberattacks, there is little reason to think 2017 will be any easier for law firms.