TrackVia Security and the “Heartbleed” Vulnerability

trackvia_security_heartbleed

TrackVia Security and the “Heartbleed” Vulnerability

At TrackVia we have thousands of customers who use us day-in and day-out to manage some of their most mission-critical business applications.  The security of TrackVia’s service and of our customers’ data is of utmost importance to us, and we invest a significant amount of time, energy, and resources to ensure that security.

On Monday a widespread security vulnerability called “Heartbleed” was announced that potentially impacted nearly all Web providers who make use of OpenSSL (which most do.) Details about Heartbleed are available here: http://heartbleed.com/.  In short, this vulnerability in the OpenSSL toolkit could have allowed an attacker to compromise our private keys and theoretically access communications to and from the TrackVia applications.

TrackVia’s 24/7 Operations team responded immediately to the Heartbleed announcement, and we took all appropriate measures to close any vulnerabilities as a result. This was completed mid-day on Tuesday. While we do not believe that TrackVia’s private keys were previously compromised in any way, we can now report that TrackVia is no longer vulnerable to this security vulnerability.

The security of your data is and always has been of critical importance to TrackVia, and we will continue to provide a highly secure service.

— Marc Haverland, CTO