By now, many have heard about the highly publicized Heartbleed bug—a vulnerability to Internet security, which threatens to expose confidential information transferred online. The bug allows access to encryption keys, leak of memory content and access to usernames and passwords. Heartbleed affects secure http servers, and in particular, those that use Open SSL (Security Sockets Layer) versions 1.0.1 through 1.0.1f and is said to have been caused by some bad code being introduced into the product. The websites of major companies, including some social media sites are said to have been affected by this bug.

What makes consumers and businesses particularly vulnerable to the Heartbleed bug is that it is virtually untraceable: it does not leave a trail and it is difficult to determine if a device has been exposed to attack. Providers have attempted to mitigate the potentially damaging effects of this bug through proactive management; by obtaining the necessary patches for the SSL, throwing out old encryption keys and assigning new usernames and passwords.
As break/fix services continue to drive demand for technical support services, the Heartbleed bug may finally raise consumer interest in having ongoing technical support services. Providers’ perpetual struggle to sell technical support subscriptions proactively (before consumers encounter problems with a device or service) has been due to the low value that consumers place on theses when not experiencing problems. Heartbleed’s exposure of the need for proactive management and precautionary measures for online security is sure to improve the value proposition of paid technical support services.

While security-related services (such as antivirus protection and virus removal) are traditionally the most highly demanded paid technical support services, Heartbleed highlights new security vulnerabilities. The Heartbleed bug causes security assets (for example, security certificates and passwords) to be leaked over time. With more people performing more routine activities online this has potentially devastating consequences for many consumers and will definitely cause an increase in attention to security assets. Services like identity theft protection are avenues for technical support providers to exploit even further. While identity protection services are offered by technical support providers, financial institutions and industry associations, Heartbleed reveals a greater need for proactive online security services and may propel technical support services to the top of this food chain.

Parks Associates recently published a report on Selling Support Services to Consumers and Small Businesses, which features current security services being offered to and used by U.S. small businesses.