Category: News

Our Response to “Heartbleed”

As many of you may already be aware, information was released on Tuesday this week about a major Internet vulnerability widely referred to as “Heartbleed”.

This vulnerability affected a common software library called “OpenSSL”, which is a cryptography system built to encrypt passwords and other sensitive information on around two-thirds of all websites on the Internet.

Many popular websites, including Twitter, Yahoo!, Gmail and Facebook, had been found vulnerable to Heartbleed, which, if exploited, could potentially reveal the contents of a server’s memory, including passwords and other sensitive information.

“Your popular social site, your company’s site, commerce site, hobby site, site you install software from or even sites run by your government might be using vulnerable OpenSSL”, reveals the website devoted to explaining the bug.

Whilst many of these websites have been updated/patched against Heartbleed this week, the vulnerability itself has been present in the latest versions of OpenSSL for the past two years; it has only recently come to light, with details publicly disclosed this week.

Our MIDAS servers run OpenSSL; however, we have no reason to believe that the vulnerability has been exploited to compromise the integrity or confidentiality of any of our services or of our users’ data. Even so, due to the hard-to-detect nature of the attack, we’re taking a very broad view of the potential vulnerability and have responded accordingly.

What has MIDAS done in response?

Our MIDAS servers run OpenSSL, and we’ve been proactive in making sure that our users’ data and accounts are kept safe. Specifically:

  • Our servers have been patched.
    As of Wednesday 9th April 03:33 UTC, all of our servers have been updated to use a newer, protected version of OpenSSL.
  • We’ve reset SSL keys and certificates for our public *.mid.as servers.
    As of Thursday 10th April 21:51 UTC all of our public servers are using newly-generated keys and certificates. Additionally, we’ve asked AlphaSSL to revoke our old certificates, just to be on the safe side.

What can you do?

We have no reason to believe that the Heartbleed vulnerability has been exploited to compromise the integrity of any of our services or of our users’ data. Even so, if we “host” your MIDAS and you want to be extra careful, you can change your MIDAS password at any time once logged in, via “Change Password” near the top of your MIDAS screen.

Here are some handy tips for creating better passwords:

  • Avoid using the same password for multiple websites.
  • Make your passwords at least 8 characters long.
    – In MIDAS, you can enforce a minimum password length for users via MIDAS Admin Options → Manage MIDAS → Security → Minimum Password Length.
  • Include a mixture of numbers, upper & lowercase letters, and symbols in your password.
    – MIDAS can randomly generate such passwords for users, via MIDAS Admin Options → Manage Users & Permissions → [select user] → Password → Random.
  • Avoid complete words.
  • Avoid common passwords such as “123456” and “password”.

MIDAS Password Settings

World Backup Day

Today is World Backup Day, the purpose of which is to raise awareness of the importance of keeping your critical digital files and data backed-up.

A “backup” is a secondary copy of all your important files – for example, your family photos, home videos, documents and emails.

Instead of storing a single copy all in one place (like your computer), you keep another copy of everything somewhere else as well, in case anything should happen to the originals.

We strongly believe in the importance of backing up data you can’t afford to lose, and we’ve built a number of backup features into our popular web-based room and resource scheduling software, MIDAS, to do just that!

By default, MIDAS automatically and seamlessly takes a complete backup of your database upon the first successful login each day. These database backups are compressed (typical backups are less than 1MB each in size), and are stored on the server where your MIDAS resides for a length of time you specify.

To further protect your data, these daily backups can also optionally be emailed to a pre-defined email address each day, so that you can keep your own “off-site” copy too!

In addition, a manual database backup can be initiated instantly at any time via MIDAS Admin Options → Manage MIDAS → Database → Backup Now.

Previous backups can also be easily restored, either partially or in full, via the simple user interface through MIDAS Admin Options → Manage MIDAS → Database → Restore.

Easily Backup and Restore Database Snapshots

For more information on the backup/restore features of MIDAS, please see the Manage Database Settings section of the help documentation.

For our “hosted” customers (who don’t run MIDAS on their own infrastructure, but instead opt to have their MIDAS remotely “hosted” by us), we also take complete database backups daily, which are then stored off-site for a period of six months.

So, that’s how we ensure that your important MIDAS booking data can be kept regularly backed up, but on World Backup Day today, why not take a moment to back up your own important family photos, home videos, documents and emails too!? It may seem like a hassle, but you’ll be glad you did should anything ever happen to the originals!


Earth Hour 2014 – We’re doing our bit… are you doing yours?!

Tomorrow, Saturday March 29th at 8:30pm local time, millions of people across the world will be switching off lights for 60 minutes as part of “Earth Hour”.

Earth Hour is an annual global event, organized by the World Wide Fund for Nature (WWF), encouraging individuals, communities, households and businesses to turn off their non-essential lights for one hour as a symbol of their commitment to our planet through a reduction in energy consumption.

We are once again very happy to be supporting this effort!

As you can imagine, running a global web-based business like MIDAS consumes a fair amount of energy to keep our infrastructure and administration up and running.

But at the same time, we take our environmental responsibilities seriously! That’s why we’ve already invested in servers with lower power consumption (some of our administrative servers draw as little as 18W of power!), and replaced traditional mechanical hard drives with newer, more energy-efficient Solid State Drives (SSDs).

We’d like to encourage other web & cloud based businesses like ours to do the same, and that’s why at 8.30pm tomorrow, we’re once again joining in with “Earth Hour” and will be switching off non-essential systems – not just lights – for 1 hour.

Note: This will not affect access to our website, or prevent our “hosted” customers from accessing their MIDAS scheduling systems during this period, but our non-essential administrative systems will be shut down for 60 mins, which may lead to a slight delay in responses to emails, etc.

So go on, make a difference and support Earth Hour at 8.30pm wherever you are in the world tomorrow!


Improved Statistics and Reports

We’re improving the statistics/reports that MIDAS can generate for you in v4.06 with three exciting new additions:

Venue Utilization Statistics

Venue Utilization Report

The new Venue Utilization report shows you the amount of usage that each venue has over a period of time. It will tell you for how many hours each venue is booked out of the total number of hours available (taking into account the venue’s hours of operation), and give you a percentage utilization figure too!

Resource Statistics

Resource Statistics Report

The brand new Resource Statistics section generates a report on your resources (equipment, consumables, and staffing) over a period of time. It provides details of the number of each resource in use during that period, and an estimate of the income potential from each. In addition, the report indicates the current totals of all resources (as well as unique resources) in your MIDAS, and also provides an insight into the most “watched” resources.

Individual Client Statistics

Individual Client Report

Improvements to Client reports now mean that with v4.06 you can see detailed reports for each individual client. These reports show when the client was added to the system, how many bookings and invoices they have, and the dates/times of their first, previous, next and last bookings (which can be clicked to jump directly to those bookings). The report also calculates the total combined length of all the client’s bookings, as well as the average length of their bookings.