Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Business continuity information

Companies warned not to let Heartbleed affect HR and payroll

Security experts have advised that Heartbleed vulnerability risks extend beyond just websites and are warning companies to check that their HR and payroll software is not at risk. Using vulnerable OpenSSL code which may be found in some SaaS (software as a service) or online web platforms, the widespread bug could enable hackers to compromise systems undetected and collect sensitive personal and financial data and even the decryption keys themselves.

With HR systems holding personal information such as bank details, passport numbers and payroll information, companies need to ensure this data is secure.

Paul Beaumont, managing director of Octopus HR, says: “While I’m pleased to say that Octopus HR has not been affected by this security flaw there may, however, be some providers whose software has been vulnerable to an attack. Organizations that use a SaaS HR system are strongly advised to check with their provider whether their HR system is hosted on servers having used any of the affected versions of OpenSSL.”

“Companies whose providers are using OpenSSL will have been susceptible to an attack so all users with access to the system will need to change their passwords. However, it is important to check that the software provider has implemented all required security patches and revised their SSL certificates first or any new login details will also be at risk.”


•Date: 22nd April 2014 • UK/World •Type: Article • Topic: ISM

Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.

How to advertise How to advertise on Continuity Central.

To submit news stories to Continuity Central, e-mail the editor.

Want an RSS newsfeed for your website? Click here