CHANDLER, Ariz., April 10, 2014 /PRNewswire/ -- The Heartbleed internet security breach - called "catastrophic" by security experts - was completely preventable. Heartbleed has left millions of Americans at risk because they trusted their personal information to what they were lead to believe were "secure" websites. However, those sites had a vulnerability unknown to the companies.
"The standard SSL protocol has an implementation bug, which was introduced in 2011 and recently made public," explained Ty Lindteigen, CEO of SAIFE, Inc. "This bug allows access to the private key of the server, which allows access to your password and personal data. Unfortunately, it could take weeks for all of the servers to be patched and the certificates to be updated."
The Heartbleed bug illustrates both how dependent we are on the Internet and the vulnerability of our personal data. Potentially affected companies range from social media to financial institutions and healthcare providers. "It's been estimated that approximately 2/3 of all sites on the Internet are powered by servers affected by the Heartbleed bug," said James Jones, CTO of SAIFE. "People's lives are being impacted; they're being urged not to log into their bank accounts, credit card accounts, email, etc. until the bug has been patched on each site and they've received verification that an updated security certificate is in place. However, it can take a long time for companies to update their security certificates. This is why alternatives such as SAIFE are so critical."
SAIFE is an innovative software solution that provides trusted routing over untrusted networks for desktop, mobile and tablet devices. SAIFE also allows for immediate updating of security certificates. Companies using the secure connections provided by SAIFE would be unaffected by Heartbleed for the following reasons:
Unique Secure Connection Setup: SAIFE distributes security certificates in advance rather than per connection, removing the vulnerability from Heartbleed by only allowing known, authenticated endpoints to communicate with the services.
Dynamically Created Security Certificates: A method known as Perfect Forward Secrecy creates a security certificate dynamically rather than using a static certificate for the same website for months. This prevents a successful attack from stealing the server or client's private key from past data.
Immediate Server Certificate Issuance: The SAIFE platform provides the owner total control over the security of their site by allowing the organization to revoke or immediately reassign a security certificate should there be risk of breach.
"It's unfortunate that so many people will be impacted by the Heartbleed bug when it is completely preventable," said Lindteigen. "If companies would invest in technology solutions such as SAIFE, consumers will not have to worry about the security of their data in the future. Websites using SAIFE's technology are secure and the consumers who use them do not have to worry about staying offline or having their personal information stolen."
About SAIFE, Inc.
SAIFE is the premier provider of secure communication and is recognized for rapid development of innovation and digital security without compromise. SAIFE's solutions have received the highest level of trust within the military ranks and address the needs of commercial applications. The SAIFE platform provides unprecedented DDoS protection and unrivaled security for the Internet of Things. SAIFE's ability to secure communication with already existing devices, networks, and infrastructures, provides customers with the industry's most robust software-only solution that is scalable, easy to use and trusted. SAIFE is a privately held organization headquartered in Chandler, Arizona.
For more information, please visit http://www.saifeinc.com
SOURCE SAIFE, Inc.