These days, ‘hacktivists’, cyber criminals and dreaded DDoS attacks (they’re bad – see definition below) can cause horrendous reputational damage and data loss, and hurt the customer experience, for businesses of all sizes.
Recent high-profile attacks such as Spamhaus and OpUSA have also shown just how vulnerable companies can be. It’s no longer enough to protect against attack X or Y; it is necessary to protect against both – simultaneously.
Businesses of all sizes share a common challenge: securing the business and minimising disruption when an attack takes place. The good news is that while the attacks may be complex, there are some simple steps which, when followed, can dramatically increase business defences:
1) Understand what your employees get up to
The first step to securing your business is to understand the needs of people working there. This includes the types of device they are using (PC, iPad, smartphone), where they are accessing information from, what type of data they are accessing remotely, and so on. Once you understand the workforce you can map out ways to protect the network.
2) A firewall isn’t enough – get the professionals to check your defences
It’s important not to rely on your firewalls alone – if a DDoS attack targets your business, this form of defence won’t protect you. These attacks target applications on computers, and the implications of a successful attack are often expensive. New tactics to protect against these attacks are necessary. Get advice from some IT professionals on how to comprehensively protect yourself from this.
3) Consider the impact of the cloud
As organisations continue to move their applications to the cloud as a way to reduce costs and make working feel a bit freer, it’s vital that they close off any back doors to would-be attackers. You need cleverer systems to ensure that your security can handle the newest threats. This includes being able to seamlessly configure and automate security in a way that means your data is protected no matter where that remote iPhone or laptop is.
4) Do you have remote workers?
To deal with the threats inherent in remote and flexible working, it is vital to have a network which is contextually aware. That means a network that can identify the source of traffic geographically, by type of device and by authentication, and then make intelligent decisions based on this information. Say your CEO is trying to access files from the server on their personal laptop: if the correct security software is installed and network access is secure then that would be fine, but if there was a question over the security of the connection or the device, the network could intelligently deliver read-only access to the files that they need. That prevents any unwanted intrusion attempts while simultaneously allowing the CEO to make use of the IT resources they expect to be available. It’s a win-win. The network is secure and the CEO can work unimpeded.
5) The big threat of 2013 – Identify the risk
Smaller DDoS attacks are likely to provide a significant threat for businesses this year. This type of attack is usually based on floods of data and connections to an IP address or range of IP addresses at the target. An important thing to remember is that there is no silver bullet for mitigating DDoS attacks, but businesses need to find the product that offers the most features and can scale when being hit by a volumetric DDoS attack.
It’s crucial that we get on the front foot when it comes to tackling cyber-crime and consumer devices in the workplace to try to limit the damage. Businesses of all sizes need to take note and prioritise security or run the risk of allowing cyber criminals to access data through a backdoor or hacktivists to knock them offline.
Joakim Sundberg is a worldwide security solution architect at F5 Networks.
DDoS definition according to Wikipedia (we’re not IT experts at MT): ‘In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of efforts to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.’