Computer Security – Protecting Against Heartbleed

heartbleedEarlier this week, a major security vulnerability related to secure websites was disclosed.  It is estimated that up to 60% of all websites on the Internet are or were impacted by this vulnerability.  I want you to rest assured that the staff of the Office of Information Technology have been monitoring this very closely and have taken proactive steps to ensure University information remains secure.

Clarkson University PeopleSoft, Outlook Web Access, Moodle, CAS and other core services are not and were not affected by this vulnerability.   The few centrally provided IT services that were vulnerable were patched within 12 hours of the disclosure of the vulnerability and did not have access to University usernames and passwords or other sensitive information.

Additionally, the Office of Information Technology has proactively performed scans of the University network to identify any vulnerable hosts that may exist outside of the University’s datacenter.  OIT security staff have been working closely with the owners of affected systems to implement remediation steps.

There is no indication that any Clarkson University information or account credentials were in jeopardy or were actually compromised as a result of this vulnerability.  We will continue to monitor the situation closely and will notify the University community of any major developments.