With hackers on the rise, protecting your website and keeping it secure is vital. Americaneagle.com has partnered with Incapsula to help protect our client’s sites. Incapsula is the leader of a new category of business security solutions that protects critical applications and data from theft, insider abuse, and fraud. Incapsula provides solutions for controlling and monitoring all data usage and business transactions across the data center. We recently sat down with Orion Cassetto, Senior Product Marketing Manager at Incapsula, to get his expert opinion on security issues.
Americaneagle.com (AE): What is data center security?
Orion Cassetto (OE): Traditional security solutions typically fall into two categories– endpoint security and network security which prevent unauthorized access to devices such as PCs or servers, and network infrastructure, respectively. In contrast, data center security is a new category of security solutions which focuses on protecting high valued data assets where they live, within physical or virtual data centers. These assets are typically things like applications, databases, and file systems. Protecting these data assets and monitoring their usage requires specific technologies not present in endpoint security or network security solutions. Companies looking to protect these assets in their data center should look to implement solutions like a Web Application Firewall (WAF) or Database and File Activity Monitoring solutions.
AE: With hackers on the rise, how does a Web Application Security solution prevent future attacks?
OE: Since the dawn of the Internet, hackers have been an ever-present threat. This threat of attack has evolved alongside advances in technology in a never ending game of cat-and-mouse. Web application security solutions are designed to harden the most forward facing piece of an organization's web presence, the website and applications running on it. Securing a website can be done by improving the code powering the site, or by blocking web attacks before they reach the application. Even with automated tools, improving source code can be a long and expensive process. Blocking attacks, on the other hand, can be accomplished fairly quickly and easily using automated tools like a WAF. Incapsula takes this approach by using WAF and DDoS mitigation solutions to clean malicious requests out of website traffic streams before they have an opportunity to reach protected websites.
AE: If a company is breached, how should they respond to the public?
OE: In our experience, customers are generally supportive of an organization that is under attack. This is especially true for attacks like distributed denial of service (DDoS) which do not necessarily lead to data breach. When organizations try to hide or cover up an attack, the secrecy or lack of transparency typically results in a shift of anger on behalf of customers from the attacker to the organization. For this reason, we recommend working with your PR department and /or PR agency to disclose attacks to manage the impact of the breach.
AE: Where are most of the DDoS Botnets located?
OE: DDoS attacks are frequently routed through hijacked hosting environments or internet connected devices in regions having an insecure infrastructure. The attacks may originate in another country, but are then amplified through other environments. IT infrastructures in these countries tend to have weaker security measures in place, which is why computing resources located there are used more frequently to commit attacks. According to Incapsula's recent DDoS attack report
• 52% of DDoS attacks during the sampled period originated from the same ten countries (India, China, Iran, Indonesia, US, Thailand, Turkey, Russia, Vietnam, and Peru)
• India, China, and Iran accounted for 25% of all malicious traffic.
AE: What benefits are you seeing with businesses adding Incapsula?
OE: Benefits of adding the Incapsula service come in three main areas: Security, Performance, and Availability. Incapsula is a cloud based service that customers use to route their website traffic through on the way to their web servers. While traffic passes through Incapsula, malicious traffic is blocked and legitimate traffic is accelerated using Incapsula's content delivery network (CDN). In addition to reducing web page loading times and web site bandwidth consumption, Incapsula's CDN also load balances traffic between data centers and servers, to make optimal use of existing web server resources.
AE: If someone wants to start using Incapsula, how can they get started?
OE: Incapsula offers free 14 day trials. This allows users to test the solution on their own site and see how Incapsula can help them improve their website's security, performance, and availability.