HubSpot and Apache Log4j: Should I Worry?

HubSpot CRM has the attractive feature that it is very complete in itself. If you only want the CRM, you can do without that one hub. Of a trial period through us even without restrictions.

Those limits are normally there, if you do not request the demo through us. Then you have the functionality, but with a maximum number of recipients of your Marketing efforts.

About HubSpot CRM

Dat HubSpot is complete, ensures that you can basically do without add-ons or plugins. And if you use the version without your favorite add-ons, you're safe. The standard version of HubSpot does not include Apache Log4j.

But with HubSpot you can suffer from it. We explain why.

HubSpot and Apache Log4jHubSpot has a very attractive Market Place. Many software developers, tools and applications are eager to join the success of HubSpot.

The solution: make a beautiful app, stuff it with tempting ones gimmicks of your tool, and put it in the HubSpot showcase. Success assured.

So where is Apache Log4j in HubSpot?

You can already see it coming: HubSpot has dived into its MarketPlace and the alarm bells went off. There are in fact apps with Apache Log4j processed in it, which can be integrated. The main names on that list are:

  • Amazon Web Services
  • Google Cloud
  • CloudFlare
  • Snowflake

Especially with the names CloudFlare and Google Cloud, the hair of our Security engineers stands on end. These apps are partly HubSpot's cloud providers and form the platform on which HubSpot can work quickly and securely for users. So quite fundamental.

That has been going really well so far. HubSpot only sends information with encryption and therefore also complies with all requirements regarding GDPR and AVG. For example, because it actually has the servers for users in the EU in Europe.

In addition, you get disaster recovery at no additional cost. This way, all your contact details can also be restored after an incident. In addition, it has a sound program for updating and HubSpot employees receive training in IT Security.

But we all didn't see the security flaw in Apache Log4j coming for a while. Fortunately, HubSpot jumped into action right away (just like us). The tools were updated immediately after the vulnerability was announced. As far as is known, the temporary vulnerability has had no consequences.

With all the information now known, it is therefore safe to work in HubSpot. That applies to HubSpot, but also all tools in Market Place and all other add-ons.

So if you use HubSpot, you don't have to take any action against the vulnerability in Log4j.  

In other places? We think it is good to check this thoroughly.

Land HubSpot in a safe place

The good news is: HubSpot is 'by Aumatics' for a reason. We are not just a HubSpot reseller. We ensure that HubSpot makes a flying start in your company. Thanks to the professional integration by Aumatics IT engineers. 

Would you like an audit on your own HubSpot integration? Or do you want to securely integrate HubSpot on your network? Then contact us with the HubSpot experts. 

Others
Blogs

Microsoft NCE: what should I do with it? Aumatics helps.
News
Lennert Hut

5 x takeaway from Microsoft NCE

Microsoft is adapting its licensing model for business users. The Microsoft NCE (New Commercial Experience) will take effect from March 1. Doing nothing can lead to significant cost increases. The most important changes at a glance.

Read more "