Earlier this week, a security advisory was released by the OpenSSL team warning of a vulnerability for certain versions of the organization’s widely popular encryption package. If you’ve listened to the radio or watched the news in the last 24 hours, there’s a good chance you have wondered what (if anything) this means to you. From the official page of the team tracking the bug:
“The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).”
DataYard quickly responded to the potential security issues this new vulnerability posed to our customers.
Our system engineers and administrators worked throughout the evening on April 8th and into the morning of April 9th to ensure the security hole was patched on every system under DataYard Server Management. By 7:45AM on the 9th, all client and DataYard corporate systems were fully protected, hours before the mainstream media began reporting on the story. CNN didn’t begin its coverage until 10:23 that morning.
There are plenty of in-depth response articles emerging within the technical community, both as organizations continue to deal with this problem and as others are just realizing its scope. DataYard continues to educate concerned customers on any potential security implications the vulnerable code base may have created. But at the moment I think it is important to focus briefly on the value that a professional, focused, and serious system administration team brings to the business in a digital age.
To the client, system administration is not a sexy endeavor.
With great system administration there is not the obvious visual satisfaction offered by such trades as design, manufacturing, architecture, and countless other creative occupations. Rest assured, DataYard System Engineers do not deploy final security fixes or application upgrades at 3:23AM to the roar of customer accolades and champagne spray at Winner’s Circle.
But that is kind of the point. The value of DataYard Server Management isn’t that you see it; in fact, it’s quite the opposite. The value is that when something like Heartbleed happens, it isn’t your responsibility as the client to respond to or even know about the issue – it’s ours. And, believe it or not, we think that calmly fixing potential problems before they become real problems is pretty sexy in its own right.
NASCAR can keep the champagne.
