Five Steps to Minimize Denial-of-Service Risks in SMBs

Five Warning Signs Your Security Policy Is Lacking

Warning signs of a weak security policy from SunGard Availability Services.

I came across a recent article where Kevin Casey of InformationWeek spoke to Ted Swearingen, director of security operations for Neustar, on the topic of Denial-of-Service (DoS) attacks and how SMBs can defend against them. DoS attacks are typically launched as an overwhelming flood of requests from a botnet (Distributed DoS) or a smaller group of attackers on weak parts of a website or online service.

The idea behind a DoS attack is simple: to tie up so much computing resources as to render a website painfully slow to navigate or even inaccessible by legitimate users. This can be devastating to an online business run by an SMB, which may not have the budget to engage the services of a Content Delivery Network (CDN) to mitigate these malicious attacks. Indeed, most SMBs probably do not have the in-house expertise to blunt the worst of such attacks.

You can read the article "How SMBs Can Minimize Denial-of-Service Risks," though I sum up the key tips offered by Swearingen below:

• Embrace monitoring: Pegged as an important component, free or low-cost monitoring components help to keep track of a possible DDoS before customers notice.
• Establishing baseline: An understanding of the baseline system performance helps ensure that anything out of ordinary is quickly noticed.
• Stay current: Keep OS and software patched and updated.
• Fine-tune systems: Keep the network and system resources in optimal health.
• Control access: Hundreds of small tweaks can be made to reduce or mitigate a DDoS attempt. It should also be possible to temporarily disable search functionality, for example, without affecting the proper functioning of the site.

Some of the advice requires a deeper knowledge of DoS mitigation strategies, though it is obvious that at least a couple of them should be practiced even without the imminent threat of a DoS attack. Staying current by keeping operating systems and software to the latest versions and properly patched, for example, is absolutely crucial for lowering the likelihood of security breaches.

Moreover, ensuring that bottlenecks are eliminated by the removal of legacy networking gear or computer systems are aspects that a responsible and competent administrator will recommend. This may sound intuitive, though I've heard of horror stories of how legacy network adapters (Think 10Base-T) remain in use despite the presence of far faster Gigabit Ethernet links.

I plan to highlight some free or low-cost monitoring software that SMBs can make use of to keep track of the various systems on their network, so stay tuned.