If you have
WordPress, you better keep reading…
Equifax Inc. just had their second massive security breach
in four years, and according to the Apache Foundation it all stems from one
…Open source software.
Well, to be exact, it was the consumer credit reporting
agency’s failure to install patches to Apache Struts – an open source framework
used to build Java web applications.
In a statement released Thursday (Sept. 14), the foundation
said a vulnerability was announced and patched on March 7, 2017. Six months
later, Atlanta-based Equifax announced a data breach affecting an estimated 143
"The Equifax data compromise was due to their failure
to install the security updates provided in a timely manner," the Apache
Foundation statement concluded.
What Cyber Security
Leaders Have to Say About Open Source
During TechCrunch Disrupt SF, Google’s Information Security
Manager, Heather Adkins spoke about the dangers of open source software and the
importance of making those crucial updates.
Heather claims that if you’re using open source software, you
probably will get hacked at some point. You need to be prepared and have a
“I think it's the cost of doing business with open source
software. The reality is that we have to stay on top of it,” Adkins said. “Even
if you're just two people in a garage, one of you need to be in charge of
security, whether it's part time as an IT person or as a lead software
“Rather than spending tons and tons of money on technology,
put a little bit of money on talent and have them do nothing but patching.”
Leigh-Anne Galloway, a cyber-security executive with
Positive Technologies (an enterprise security specialist) says, "More
often than not, we are seeing breaches as a result of an organization's failure
to implement security 101 principles, proper patch management, secure software
development, processes and procedures."
Over Half of All
Websites Are Built Using WordPress
One of the biggest examples of an open source software is
also one of the most popular website building platforms – WordPress.
If you are using WordPress (or any open source platform) you
need to take your cyber security very seriously. You can’t reply on plug-ins
alone for security updates. On occasion they will fail. If you never log in and
check what is going on, you become a target. It is fine to lean on automated
updates, but also make sure a human being is responsible and stays on top of
your patches and upgrades.
If you need help staying up-to-date on your WordPress
security or you’re looking for an alternative to WordPress altogether, Sales
& Marketing Technologies has both options. We have WordPress maintenance
plans available as well closed source content management system (CMS) that can be
an option for you to consider.
To discuss WordPress security or request a WordPress
Security, Hosting and Maintenance Proposal, call Sales & Marketing
Technologies today at 407-682-2222 or use the contact form below to arrange
your free consultation.