April 10, 2014
Security researchers recently revealed a major flaw in the OpenSSL encryption software library used by many websites to protect customers’ data. The vulnerability, known as “Heartbleed,” was determined to be present across a number of software vendors, and has the potential to allow unauthorized access to a website’s customer data and traffic encryption keys.
The team at Lucent Sky immediately conducted a comprehensive review, and have determined that our services, including CLEAR On-Demand and instances of CLEAR Enterprise and Standard deployed on the cloud, have not been impacted by the OpenSSL “Heartbleed” vulnerability. All versions of Lucent Sky CLEAR deployed on premise are similarly not impacted.
Lucent Sky will continue to implement the highest development standards and constant vigilance to ensure that no similar vulnerability interrupts our ability to service customers to the highest degree of safety and satisfaction. “Heartbleed” is another demonstration of the critical nature of application vulnerabilities, and reaffirms the need to vigilantly implement security practices.