A Brief History of Security on the Web
When the World Wide Web was first introduced, security was of little concern because most web pages were static text – they did not change much. No one imagined dynamic content like online banking and shopping, streaming video, and personal file storage would become common. As the web evolved and websites began to offer these conveniences, they became inherently more complex, and with complexity came the need for security.
As the security of websites improved, so too did the security of browsers. Security we now take for granted such as encrypted connections like Hyper Text Transfer Protocol Secure (HTTPS is the secure version of HTTP) became standardized and implemented on both websites and browsers for the web to continue humming along without interruption. This was no small feat and required the cooperation of web server vendors, website designers, browser vendors, and the public.
How the Landscape Has Changed
On January 12, 2016, Microsoft stopped supporting Internet Explorer 8, 9, and 10 and dramatically changed the landscape of browser security. By withdrawing support, Microsoft has essentially left the back door open for hackers to exploit computers using these browsers. Anti-virus software cannot shut this door – a fact that the companies that make these products have largely admitted in their announcements regarding this change. A security compromise is bad enough for a single individual but if one occurs in a computer used by a staff member with data reporting and Protected Health Information privileges, then the hackers who take control of that computer will be able to access the PHI of your entire organization!
Is Your Data Secure?
If you store data with BSDI you should know that online security is a top priority for us. We have a highly mature security program based on the National Institute of Standards and Technology’s Special Publication 800-53 (Rev. 4): Security Controls and Assessment Procedures for Federal Information Systems and Organizations. These standards are always growing and adapting to new technologies, new security controls, and emerging threats.
We take a proactive approach by constantly scanning our networks and running penetration tests against our web applications. Our developers, technical, and security personnel train heavily in web security each year in order to keep abreast of the latest threats. We know that you trust BSDI to keep your Protected Health Information (PHI) secure, accurate and available and we go to extraordinary lengths to do just that.
How You Can Help
What you may not realize is just how much we rely on you as a partner to keep your information safe. As technology and security evolves we constantly update our hardware, systems, and software to keep pace and we need you to do the same by keeping your browser up to date.
There is a very simple solution to this problem: upgrade your browser to either Internet Explorer 11 or use one of the free, secure alternatives already available to you. Ask your IT department to support this transition (you will likely need their help to install any new software) and ask others to upgrade as well: be a voice for information security and privacy in your organization.
Hackers are continually discovering new ways to compromise every operating system and browser. The only thing that keeps these exploits from running rampant is that Microsoft, Apple, Google, etc. continually release patches that fix these vulnerabilities as they arise. Thus, your browser can stay ahead of many vulnerabilities simply by taking the time to download the latest update on a regular basis. Technology develops at a quick pace and a browser that was considered best practice 5 years ago, may be an open window for hackers today.
BSDI would also love to end our support for outdated browsers as soon as possible. The sheer number of people still using them, however, makes withdrawing support impractical. We are hoping that, with your help, we can reduce this number to a low enough level that BSDI can end support for these insecure browsers and improve our overall security posture sooner rather than later.
How to Upgrade Your Browser
Installing any of the options below will give you the benefit of newer web technologies along with a secure browser platform. Each vendor fully supports their browser, allowing you to keep current and protected against the latest security threats. Please help us keep your information safe by taking a few moments to see if you and the individuals in your organization have the latest version of their available browser. It’s more important than you think.
Runs on Windows XP or later: https://www.google.com/chrome/browser/desktop/index.html
Runs on Windows XP or later: https://www.mozilla.org/en-US/firefox/new/
Runs on Windows 7 or later: https://www.microsoft.com/en-us/download/internet-explorer.aspx
John Love, CISSP, is our in-house security guru and Certified Information Systems Security Professional (CISSP). He constantly monitors our infrastructure and keeps it secure. Conscientious and knowledgeable, John has the answer to any question you may have about the security of our BSDI products.