Spectre and Meltdown: How Cegid is securing the services provided to customers

16 January 2018

2 min

On January 3, 2018, a research team revealed the existence of two major security flaws. Named Spectre and Meltdown, these vulnerabilities can allow hackers to access data during processing. Cegid is ready to do whatever is necessary to control these risks.

What are Spectre and Meltdown?

These are the nicknames that have been given to two major IT security flaws affecting nearly all computers in the world, as well as smartphones and cloud-based services. More specifically, Spectre and Meltdown are flaws that make a processor, i.e. a computer’s “brain”, vulnerable to attack.

To the best of Cegid’s knowledge, no one has exploited these vulnerabilities in its IT systems or in its SaaS/cloud services, whose integrity has remained intact. But we remain cautious and attentive to developments relating to these vulnerabilities.


What is Cegid doing?

The Cegid security team and all technical teams have been on alert since the announcement of these vulnerabilities so as to take the necessary measures and handle the related risks.

In coordination with all companies (equipment providers, IT system providers, virtualization solution providers, cloud services providers) involved in providing its services, Cegid has launched an update campaign for all systems that could be subject to these flaws.

Cegid is using its expertise in the management of its cloud infrastructure to apply security patches in the most effective manner possible, but as the patches proposed by the various companies affect the central components of IT systems, there might be some impact on performance and stability.

Cegid’s teams will remain on the lookout for developments in these vulnerabilities and will continue to apply additional updates that will improve and optimize the initial patches.


What can you do?

We recommend that you apply all security updates to all of your computer hardware (workstations and servers) and operating systems.
We will keep you informed of developments in these efforts to safeguard your systems.

I would like a demo/a proposal/product information