In a climate of increasingly complex threats, hackers and cyber criminals, organisations must employ IT security solutions and strategies that match, and indeed surpass this sophistication.
The most basic building block of any cyber security strategy is policy enforcement for website browsing. This approach is used to guide visitors through the website and enforce correct browsing behaviour.
Web application firewall
A web application firewall learns the correct 'behaviour' by security administrators navigating through the website, clicking on links, and teaching the firewall what is acceptable. This is a fairly simplistic method, but effective nonetheless. The platform then develops a rule set based on these behaviour types and is then poised to identify any misuse of the site.
However, as threats evolve and cyber criminals and hackers develop more cunning ways of gaining illegal access to websites and networks, more comprehensive security is required. High impact attacks such as distributed denial of service (DDoS) attacks can cripple a website.
For organisations that use their websites as valuable business tools – for example e-commerce sites – any downtime can have a lasting impact on profitability and customer perception. DDoS attacks flood the targeted website with requests, effectively tying up all resources and ensuring other visitors can make use of the site.
Defending against DDoS
A DDoS mitigation platform, however, can alleviate this problem. The platform is situated in front of the website and identifies these attacks by looking at the incoming traffic and its IP address. The solution also plays a crucial role in balancing identifying threats with recognising legitimate traffic.
This is of particular importance as DDoS attacks are more likely to occur as a targeted event – for example on an online gambling site during the FA Cup Final in an effort to stop bets being placed – where there is a normal increase in web traffic.
Intrusion detection/prevention systems
Beyond this, and forming part of the ideal multi-layered approach, an organisation should also make use of an intrusion prevention/detection system. The IDS/IPS is ideal for organisations that have websites with dynamic content that requires the use of a complex database, such as an SQL database.
The IDS/IPS can detect and prevent hackers from having a negative impact on the company's website and network, and also guards against internal threats. It uses a combination of monitoring threats and validating users as part of a higher level security strategy.
The key consideration with any website security strategy is the appropriateness of the solution and matching it to the nature of the website. By layering the security and making use of the latest technology and solutions, both internal and external threats can be effectively identified and dealt with.
- Andy Aplin has an established 20-year career in IT Technology, with experience and expertise across the UK and EMEA markets.
