April 15, 2014

Dear KWI Customer:

Last week, the NCCIC/National Cybersecurity and Communications Integration Center made KWI aware of the Heartbleed computer vulnerability that could be used to compromise certain versions of OpenSSL.

As of this date, KWI has found no evidence of KWI products being directly impacted by the Heartbleed vulnerability. Current KWI products do not use versions of OPEN SSL vulnerable to the Heartbleed bug.

In addition, KWI has passed an external scan of our backoffice system probing for this vulnerability.

Though there are no specific remediation instructions to resolve the Heartbleed virus, KWI highly recommends that the KWI "Network Requirements for Internet & POS" whitepaper be periodically reviewed.

If you have any questions regarding this vulnerability, please contact myself or your KWI Client Representative.

Sincerely,
Your KWI Team