CIC’s Online Systems Not Vulnerable to the Heartbleed Bug

24 Apr
2014
Written by: NAPBS

heartbleedCIC’s online systems (Securecontinfo.com, RentProtect and ApplyConnect) are not, and were not, affected by Heartbleed.

For the Ready2Apply Online Rental Application System, we took immediate action to ensure our servers and network appliances were patched and not vulnerable.

The security of your data and your applicants’ personal information is our top priority. CIC is actively involved with the National Association of Professional Background Screeners. Their Data Breach Subcommittee released this helpful article:

There are hundreds of posts, stories and articles about this latest attack on data security. A quick summary is that the Heartbleed Bug gives hackers access to data from servers and equipment after that data has decrypted. That means hackers can pick up data like personally identifiable information (PII) as it moves across systems internally – behind your firewall.

While this bug was just recently discovered, the actual bug was introduced over two years ago. The bug is resident in the OpenSSL encryption code available during that 2-year period and has infected thousands of websites as well as networking hardware from (at least) Cisco and Juniper Networks.

What to do now

  • Check sites on which you enter PII on to see if they are clear of this bug. A few sites to help with this and for more information are:
  • If the site is clear, change your passwords.
  • If the site is not clear, avoid the site and wait to change your password until the company has updated their systems.
  • If the site is not affected, now would be a great time to change password anyway. Use robust formats with numbers, letters and symbols, and turn on two-factor authentication wherever possible.
  • To check your own sites to determine whether they might be impacted by the Heartbleed bug click here. This tool will also help identify other security-related issues that might exist.

The identification of this bug more than 2 years after its introduction is a grim reminder that any organization working with personally identifiable information (PII) should have a sound data breach policy in place and approach this critical topic from the “when”, not “if” perspective.

About CIC

Founded in 1986, CIC is a leading nationwide provider of data solutions for Real Estate Investment Trusts (REITs), property managers, housing authorities, apartment associations, real estate agents and independent rental owners throughout the U.S. For nearly three decades, CIC has leveraged the use of technology to deliver the most reliable and comprehensive information to clients, and continues to do so, today. By delivering quality affordable data solutions to the multifamily housing industry, CIC is proud to provide clients with applicant information they can trust giving them The Power of Decision. For more information about CIC’s solutions including tenant screening, employment screening, wholesale data, screening platforms and property management tools & software, please visit www.CICReports.com or call 888-316-4242.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 54 other followers

%d bloggers like this: