WordSecure Messaging

WordSecure is covered for Heartbleed, OpenSSL, Passwords.

Jonathan S. Lybrook WordSecure By Jonathan S. Lybrook - Boulder, Colorado - April 11, 2014.

By now you have likely heard of the Heartbleed bug and how it has effected web security. Our secure servers (including mail and WordSecure systems) began getting patched for the bug Wednesday morning, April 9 and completed April 10. Re-keying secure certificates was recommended so we are doing that as well for our Enterprise System customers.

For secure open source applications, this is a severe blow to trust. We had been told for years that open source projects are thoroughly examined by the largely volunteer security community. This gave us confidence in writing code dependent on vital protocols, such as openssl. The problem with this particular bug is it could have been exploited for nearly two years, collecting information that was supposed to have been secure including passwords. Who may have benefitted from the ability to sniff files, messages, usernames and passwords directly from the supposedly secure cache is left to be seen. The ramifications can not be overstated.

At the moment we have no reason to believe any data on a WordSecure system has been compromised. This is not to say it could not have been.

We have patched the servers to contain the problem with Heartbleed bug under openssl. The rest is up to you: Please delete any messages that don't need to be on the system. If you are a Super Users, you can purge all messages under Administration | System Settings and set the expiration date to 1 day. Also change your password now and encourage your users to do the same! This is true of WordSecure and essentially any site running SSL. More info at http://heartbleed.com

As with all security threats, this one too is being countered and process goals refined at all levels to prevent its recurrence. A not-so-subtle reminder that data security is not a state, it's an on-going process.


For more information:
CONTACT: Jonathan S. Lybrook, Manager
or visit https://WORDSECURE.COM
Email address: press@wordsecure.com

Jonathan S. Lybrook is Manager at WordSecure. WordSecure Messaging provides solid, commercial-grade, web-encryption services that exceeds the requirements for HIPAA compliance and ecommerce. It's the easiest way to send information securely.

Past News Items:

July 30, 2013 - What do Hackers and the NSA Want?

December 14, 2012 - WordSecure LLC now offers Secure Messaging using the iPad and iPhone

June 21, 2012 - WordSecure, LLC celebrates its 5th year of production of the WordSecure Messaging platform

January 3, 2011 - WordSecure Announces Security Product Enhancements for 2011

December 1, 2010 - WordSecure Provides Secure Email Messaging Services Free to Charities

August 3, 2010 - WordSecure/Power LogOn Privacy Suite Alliance

Top of page   •   Call us: 877-878-6798   •   Contact Us   •   Copyright © 2007-2017 WordSecure. All rights reserved.