As a result of the massive internet privacy bug Heartbleed, a few of the leading cloud companies we work with were affected. In an attempt to summarize them for reference, here is a list of each company along with their statement about Heartbleed:
- Salesforce.com – NOT affected – statement
- Google – Affected & patched – statement
- Ringcentral – NOT affected – statement provided by email ” The RingCentral service was not vulnerable to the Heartbleed Bug. Additionally, we have worked with our phone manufacturers. Only Polycom VVX phone models have the vulnerability, and this is being addressed by Polycom. We will push out the update once available. Cisco phones and the remaining Polycom phones are not vulnerable. Note that customer messages are not stored on the desk phones. As always, we recommend that customers configure their local networks using best practices to ensure that the user interfaces on VoIP phones are protected by customer firewalls.“
- Docusign – NOT affected – statement
- Conga – NOT affected – statement
- Screensteps – NOT affected – statement
- Clarify – Affected & patched – statement
- Smartsheet – NOT affected – statement
- Backupify – Affected & patched – statement provided by email “Our Engineering team quickly took action and immediately patched OpenSSL. We have no evidence to suggest anyBackupify systems or data was compromised but we took the precautionary step of changing our SSL certificates. Your data is safe. We have a dedicated team focused on security, have regular penetration tests, are SOC2 Type II audited, and manage our controls based on industry best practices.“
- Citrix Online – NOT affected – statement
- Desk.com – Affected & patched – statement
- Formassembly – Affected & patched – statement
- Mailchimp – NOT affected – statement
Here is a checker tool provided by Lastpass (refer to company statements for best accuracy however). For recommendations on how you and your small business should deal with Heartbleed, refer to Heartbleed – 5 Recommendations for Small Businesses.
Concerned about cloud app security? Contact Perpetual West at (877) 388-6400 to learn more about security best practices and how we can help your business leverage the best solutions the cloud has to offer.