Storable Responds to Log4J Software Vulnerability
A newly uncovered computer vulnerability is setting off alarm bells throughout the business world, as a flood of cybercriminals rush to exploit it.
The vulnerability was found in a Java software utility called Log4j. The open-source code is used extensively by commercial software developers and powers everything from web cams to industrial control systems.
Simply put, the code is used to log user activity. However, attackers can use the exploit to take over critical systems without a password or inject malware directly on infiltrated computers. Already close to half of corporate networks have experienced an attempted attack using this exploit, making efforts to address the vulnerability a top priority for companies around the world.
At Storable, we take any security threat seriously and take all actions necessary to keep our clients safe. In the spirit of transparency, this post summarizes the results of our investigation to date and recommended steps for customers.
Immediate response
On Friday, December 10, 2021, the Storable cyber security team became aware of a critical vulnerability in the Apache Log4j2 java library (CVE-2021-44228). We immediately initiated our incident response process to determine our usage of this library and its impact across Storable, our products and our infrastructure.
Facility management software
Storable’s family of facility management software products includes Sitelink, storEDGE and Easy Storage Solutions. None of these FMS solutions are written in Java nor do they utilize the affected Log4j2 java library. We identified one (1) third-party tool used internally in support of our FMS software that was affected by the Log4j2 vulnerability. The vulnerability has been addressed.
Marketplace
We identified two (2) third-party software products used internally in support of the marketplace website that were affected by the Log4j2 vulnerability. The vulnerability has been addressed in both of these products.
Websites
None of Storable’s websites products are impacted by the Log4j2 vulnerability.
Insurance
None of Storable’s insurance products are impacted by the Log4j2 vulnerability.
Payments
None of Storable’s payment processing products are impacted by the Log4j2 vulnerability.
All hands on deck
Storable’s cyber security team continues to investigate our exposure to this vulnerability and we will provide further updates if any new risk to our users or our products is identified. We also monitor our IT environment 24x7x365 for threat activity so that we can respond quickly to any identified malicious activity. At this time, we are not aware of any vulnerabilities in our IT environment related to the CVE-2021-44228. Storable customers should feel confident using our products knowing that we are taking appropriate measures to address this widespread vulnerability.
Connecting and Innovating at the Inside Self Storage World Expo – A Storable Recap
This year's Inside Self Storage World Expo at Caesar's Forum in Las Vegas was not just another event for us at Storable; it was a showcase of passion, innovation, and community. Our dedicated Storable team came excited and left inspired. Our commitment is always to you—our valued customers—and understanding your unique challenges and experiences firsthand. Keep Reading
10 Ways for Storage Operators to Get the Most Out of the 2024 Busy Season
With the housing market at a standstill and a prevailing low-price environment for storage rents, the industry faces a unique set of challenges and opportunities as it approaches the spring leasing season. With overall demand stymied and a surplus of new supply in many markets, winning tenants requires a strategic and proactive approach. Keep Reading
Storage Monitor: Rates and Occupancy Continue Pullback
The self-storage industry is known for thriving in good times and bad times, but what about the in-between times? Keep Reading