Today hundreds of small businesses experienced web site
outages. Go Daddy, the most popular domain registrar/web hosting company, saw
its DNS servers attacked after 10AM Pacific time. The alleged attacker claimed
to be working alone, to have taken down the entire Go Daddy DNS array and that
he wanted to test the cyber security. DNS servers on the web are what translate
the name of a web site (such as www.godaddy.com)
to the numerical address assigned to it. Find a more detailed explanation of
DNS here
Some businesses experienced more than just an inaccessible
web site. More and more businesses are
turning to the cloud to host all of their technical operations. They run
information databases and internet stores on hosted sites to save money. Quite
often, small business owners don’t understand the security requirements of what
they are doing online and opt for the less expensive option over a more secure
option. One such business provides online database services to hundreds of
non-profit organizations. Today, none of those non-profits could access their
databases, creating a great deal of havoc for a lot of people.
If a business provides services to a considerable number of
organizations, businesses or individuals, it is important that those services
be available for them when they are needed.
Always.
If those services are not available
for any reason, including a hosting company under cyber-attack, the
responsibility falls to the business. It is the business that has egg on its
face. Yes, the host will get a bad reputation for being down and not prepared
for an attack, but the business will have lost customers in the process.
How can the average small to medium business owner be
prepared for such an event? Ideally, the data will be hosted on multiple
mirrored sites so it is available from a backup site should the primary host go
down. The smaller the business, the more difficult this is to put in action
because of costs.
When considering internet host needs, certain pieces of
information should be looked at:
·
Dependence on web-based services
·
Number of customers/clients needing access
·
Peak access times
·
Access time windows
·
Percentage of revenue created by web-based
services
·
Importance of business reputation
If most of a business’ services are provided online, then those
services need to be just as secure as in-house services for a business that
doesn’t provide online service. The greater the revenue stream, the more
interventions need to be in place. A
down server will not only cause an interruption in revenue, but it can cause irreparable
damage to the reputation of the business.
Where money is at issue and the cost of a mirrored site
exceeds the acceptable limitations of revenue, then another option should be
considered. Check out service providers carefully, and ask for their policies
on secure data transfer. Ask for information about how they backup their
services and if they have redundancy in power, connectivity and DNS services.
Get it all in writing. If they don’t have the protections in place that is
needed, move on to another provider.
Do what it takes to protect your revenue streams and your
business reputation. And don’t keep all your eggs in one basket!
No comments:
Post a Comment