Heartbleed Update: SaaS Customers Required to Change Passwords

Replicon Customers Are Not Affected By The Heartbleed Bug

About two weeks ago, independent research teams identified a vulnerability in OpenSSL― the technology that powers encryption across much of the Internet. The news of this vulnerability, popularly referred to as the “Heartbleed bug,” has spread rapidly from tech blogs to the mainstream media.

Akamai, our Content Delivery Network provider, assured us last week that Replicon was not affected by this vulnerability. We learned today, however, that an independent security researcher contacted Akamai this past weekend about defects in the software they used to protect their SSL keys. A bug, in fact, was present, and neither the data nor the keys were fully protected.

Since Replicon uses Akamai services for edge caching and application acceleration for our Cloud platform, this may have exposed Replicon user names and passwords from August 2012 through April 4, 2014. Consequently, we are in the process of updating our certificates within the next 24 hours to eliminate any exposure to the Heartbleed bug.

For customers using SAML (for Single Sign-On), exposure to the bug would be dependent on their organization’s use of affected versions of OpenSSL and their SAML provider.

Replicon will be forcing a password change at the application level once the certificates are updated. At that time, end users will see a prompt to change their password on the log in page.

Read more details from Akamai here: https://blogs.akamai.com/2014/04/heartbleed-update-v3.html

The integrity and safety of our customers’ data is paramount. We are reacting quickly to address and resolve the issue. Customers with queries can contact our Technical Support Team at 1-877-662-2519 (North America) and +800 6622 5192 (Outside North America).

Avatar
ABOUT THE AUTHOR
Replicon
Replicon provides award-winning products that make it easy to manage your workforce. With complete solution sets for client billing, project costing, and time and attendance management, Replicon enables the capture, administration, and optimization of your most underutilized and important asset: time.
Get started today.
Set up a free trial based on your business needs. Start Free Trial

Global Compliance Desk – Karnataka, India

India: Karnataka Government Permits Shops To Remain Open 24/7  On January 2, 2021, the Government of Karnataka issued a notification that allows all shops and commercial establishments in Karnataka, having…Read More

Want Real Solutions That Help You Manage Expense Tracking in Real-Time? We’ve Got Them.

A comprehensive expense tracker can provide your organization with clear insights into how corporate time and dollars are being spent and help you identify unnecessary costs, strains, time-wasting activities, and…Read More

Project Leaders: Here Are 3 Signs Your Remote Project Managers Are Overwhelmed with Technology

Overwhelmed project managers. They are not hard to find. And if you look closely, you’ll probably find a few right within your organization. As it is, project management is stressful…Read More

Miscalculating wages by a few cents led to this company paying a six-figure lawsuit

West Marine Products, which operates a chain of retail stores across the United States specializing in boating supply and fishing equipment, recently settled a class action lawsuit involving 707 former…Read More

Employee time tracking is dead

iBeacons, Bluetooth Low Energy, Proximity sensing and the obsolescence of time tracking as we know it. Businesses have to track the time their employees work for a variety of reasons,…Read More

How Sarbanes-Oxley Impacts HR Departments

Ever since the Sarbanes-Oxley Act (SOX) was passed in 2002, following a spate of high-profile corporate scandals, companies have had to take a wide range of precautions to ensure that…Read More
  • Polaris
  • Time & Project Insights
  • Time & Projects Solutions
  • Replicon Products
  • Replicon Users
  • Cloud
  • Corporate
  • Professional Services Management
  • Shared Services Management
  • Time and Attendance Management
  • Customer Feature
  • Time Intelligence
  • Industry News
  • Global Compliance Updates