An article last week about Princeton University research into the sophistication of cyber attacks reminded me just how important it is for online businesses to take their security seriously.
The great strength of the internet is its accessibility but unfortunately the trade off is that this can also be its vulnerability. Providing access to legitimate Web surfers also means potentially providing access to those who would wish to do harm. So it is vitally important for any online business to ensure that they are doing all that they can to protect themselves and their customers from malicious cyber attack.
Most of you reading this blog will probably be thinking that you are totally covered, that you have the right level of protection in place. However, I’m sure that this was what global business giants ING Direct, New York Times and YouTube were thinking as well. According to the research from the Princeton group, all three were found to be vulnerable to attack because of weaknesses in their website coding or configuration.
A common theme to the problems the three websites experienced was data extraction. Cyber attackers were able to obtain important information of visitors to ING Direct, The New York Times and YouTube, which could be later used to obtain further crucial private information.
The realisation that such major organisations can become open to attack is very troubling but by taking the right precautions you can stay ahead of the online criminals.
The first piece of advice in such a situation is always – be proactive. Keep up to date with cyber attack trends and technological developments. Review your security software to ensure it is up-to-date and equipped to deal with new styles of online attack. Old security software is a waste of time.
Second, make sure that access to your website is properly monitored and protected. You obviously have to allow online traffic access through your server portals but procedures can be put in place to block tell-tail unscrupulous originators. Arm yourself with effective zero day protection systems.
Finally, talk to your hosting provider. All good hosting companies have comprehensive security procedures in place to ensure that their clients are fully protected. Make sure that your provider is delivering the protection you need, including appropriate security shields such as Cisco Guard.
It is a constant battle to defend your website from the attacks of online criminals but with proper attention and the right hosting support you can win the fight.