Baltimore Tech News: Third Major IT Security Flaw Discovered This Year
According to the Chinese zodiac were in the year of the Horse, but IT professionals are starting to see it as the year of the bug. With Heartbleed and Shellshock IT security has had a tough enough time keeping up with emerging security threats, but now there’s a new bug on the horizon: Poodle. Working nets is here with the details on this new IT security threat and what you can do to combat it and keep your Baltimore business safe.
So What is Poodle?
Poodle, an acronym which stands for Padding Oracle On Downloaded Legacy Encryption, was discovered, like the Heartbleed and Shellshock vulnerabilities, in a 15 year old technology: SSL 3.0, which stands for Secure Socket Layer 3.0, is a technology that is widely used today to encrypt a user’s browsing session, particularly if they are using a public network or device. The Poodle vulnerability presents the potential for hackers to observe and even hijack a browsing session, taking control of somone’s online banking, email, or social networking accounts. Three IT security researchers at Google announced the discovery of the Poodle vulnerability last month.
How Dangerous Is Poodle?
In response to the announcement the OpenSSL Project, developers of the most used SSL applications, advised makers of web-browsers to disable support for SSL 3.0. IT security experts seem to agree that Poodle is much less of a threat than Heartbleed or Shellshock, in large part because SSL has been largely superseded by a newer security protocol called TLS. Additionally to pull off an attack the victim must be actively browsing on the same network at the same time as an attacker, giving Poodle a much smaller window of vulnerability.
How Can I Stay Safe?
To be safe, make sure your browser is up to date and not using SSL 3.0. If this is impossible, stay away from using a public network, or network that unfamiliar users can log on to, while conducting secure transactions, managing sensitive emails, or other information that you wouldn’t want others seeing. To make sure your Baltimore company’s sensitive data is being protected, consider outsourcing your IT security to a dedicated professional.
Staying on top of everything can be a hassle, especially if you’re already running your own Baltimore business. Outsourcing your IT can give you peace of mind and allow you to take care of the things that are important for your company.
To talk to someone about managed IT for your small Baltimore business, give us a call at (443) 992-7394. We’d be happy to assist you with your professional business networking needs.