By Kyle Christopher

The heartbleed attack was all the talk this week, and rightly so. This vulnerability allowed malicious code to view snippets of active memory from an SSL-enabled process. This meant that an attacker could siphon active memory from a Web process without any trace. They could basically keep siphoning small chunks of memory until they found what they wanted, whether it be user names, file data, passwords, etc. (Source: Infoworld).

There have been lots of tips, solutions, methods and advice on how to address the issue. Aside from that, there are two big takeaways from this vulnerability in my opinion. Here they are:

1. It Pays To Be Behind the Curve on Production Systems

Any storage device, whether it be your iPhone, Android or a data storage array will have vulnerabilities at the outset. Many of you early adopters likely have enough stories to fill a book. It’s certainly worth mentioning that adopting new hardware right off the bat could leave you exposed. You’re the guinea pig. Any security loophole is going to hit you first. Lessons will be learned and later adopters will benefit from your misfortune. So whether you’ve adopted VNX2 or you’re considering an all-flash array, it’s worth considering whether your old hardware has value. This applies in the sense that the hardware and software are now stable, security holes have been closed and your data is secure.

2. Big Data Centers Need Centralized Management

It’s one thing to patch a few dozen Web servers. It’s quite another to be dealing with hundreds of thousands of vulnerable Web hosting servers. While there’s been a lot of talk around decentralizing data centers, this recent vulnerability makes it very clear that centralized management certainly makes things easier when it comes to closing a security loophole. Otherwise, you’re basically having to do a draft to get the team enlisted before there’s even any talk about repairing security holes. And who knows who has access to your data in the meantime.

What other issues do you think should be raised in light of this vulnerability? Are there any big takeaways you’d like to point out? Comment below or contact us.

Reliant can help you assess any areas of vulnerability. We provide hardware that will help you reduce the risk and be prepared for any malicious attack. Contact us at Sales@Reliant-Technology.com.