Part 3: Halloween in the Data Center?

Posted by Sabrina Sturm Wed, 31 Oct 2012 15:03:00 GMT

Close your company’s door on zombies

 

If you are thinking about how to effectively protect your company data from botnets and similar attacks, you will have to take two different scenarios into account.  On one hand you can become the “victim“ of a botnet attack (DDoS attack), without being part of the botnet yourself, and on the other hand, malware can creep into your company with the help of employees or IT security gaps – company PCs will then mutate into a part of the zombie army.

To protect yourself against the DDoS attacks named above, you should use intelligent proxies (webservers) that can detect DDoS attacks. Such a proxy only allows a given number of server requests per IP address per minute; if the limit is exceeded, any further requests of that particular IP address are blocked. The worst that could happen then, would be that your service (for example, the web-shop or the customer portal) will slow down a little: a complete failure, however, will not take place. A secondary effect of this anti-zombie vaccination (aka intelligent proxy): If there is no weak point, there will be no risk from digital extortion.

Using an intelligent proxy sounds pretty simple so far. However, to inhibit the infiltration of the company by malware, you will need to take further precautions, since malware is distributed by extremely diverse means. All in all, it is advised to execute a continuous security policy, suited for your company.  Weak points of the IT are often unpatched security gaps, plus the fact that an obsolescent version of anti-virus software is used, or none at all, and therefore the malware will neither be detected nor stopped. However, even remote access to a company’s resources via mobile devices (e.g., smartphone, tablet, laptop, etc.) can pose – if improperly executed – a potential risk. Hence, one should implement reliable and most of all secure remote access solutions, that have the needed security features, such as an integrated virus check, in their armory. Nowadays, there are even trustworthy solutions for smartphones on the market that prevent the transfer of malware into the company network. If nothing else, employees and their sometimes inadvertent behavior can also pose a security risk. Therefore, the employees should participate in security training and be continuously sensitized concerning this topic. What can often lead to nightmares are drive-by downloads, clicking on dubious links or opening untrustworthy mail attachments – before and after Halloween. 

 

We now wish you all a "Happy Halloween"!

 

no comments |

You must be registered in order to write comments. To register as a new user click here.

If you're already registered, please leave a comment here

Leave a comment