Six Tips to Prepare Online Retail Servers for Cyber Monday
Follow these important server maintenance tips or risk losing bumper sales on Cyber Monday.
Cyber Monday, that day where all good Americans will sit at their computers and shop until their fingers are numb, is expected to rival sales for Black Friday, our traditional shop-til-you-drop frenzy. While I know all the biggest and best deals are supposed to be on that first Monday after Thanksgiving, a lot of people (like me) will do the bulk of their shopping in the weeks that follow.
Hence, rather than ask yourself if your network is secure for Cyber Monday, it's better to make sure you are prepared for the entire holiday season. After all, the bad guys are going to be working the whole month of December, so your network security plan should be, too.
In the pre-holiday run-up, Scotland Yard's cybercops managed to take down 2,000 fraudulent sites and now hope that shoppers will have a safer online experience. It is likely that fraud and scams are broader and more sophisticated against retailers in the U.S. According to Mike Paquette, chief strategy officer at Corero, the attacks are typically DDoS-related (where criminals flood retail sites with so much traffic it brings the site down) or a specific network breach attempt against a specific site.
Create a DDoS Response Plan. As with all incident response plans, advance preparation is a key requirement for rapid and effective action, avoiding an "all-hands-on-deck" scramble in the face of a DDoS attack. A DDoS response plan lists and describes the steps an organization should take if its IT infrastructure is subjected to a DDoS attack. Increasingly, DDoS attacks against high-profile targets are intelligent, determined and persistent.
Know Your Real Customers. A brute-force or flooding type of DDoS attack is relatively easy to identify, though it requires high-performance and sophisticated real-time analysis to recognize and block attack traffic while simultaneously allowing legitimate traffic to pass.
Deploy On-Premises DDoS Defenses. On-premises DDoS defense solutions installed immediately in front of application and database servers are required to provide a granular response to flooding-type attacks, as well as to detect and block the increasingly frequent application-layer DDoS attacks. For optimal defense, on-premises DDoS protection solutions should be deployed in concert with automated monitoring services to rapidly identify and react to evasive, sustained attacks.
Maintain Continuous Vigilance. DDoS attacks are becoming increasingly smart and stealthy in their methods. Waiting for an application to become unresponsive before taking action is already too late. For optimal defense, a DDoS early warning system should be part of a company's solution. Continuous and automated monitoring is required in order to recognize an attack, sound the alarm and initiate the response plan.
Deploy a network-wide security management tool that correlates event logs from all your security tools. Attackers are sophisticated and use multiple attack vectors to breach and abuse your systems, so you must be able to stay on top of every suspicious activity.
Separate internal and external application servers. Your eCommerce application is critical and should be the most secured. There is no reason to place the mail servers on the same segment, because doing so opens another port for hacking into your systems. Separation helps prevent an attacker who compromises an external server from automatically gaining access to internal data.
Educate your users. Make sure your users never receive emails from you asking them to update their order or account details. Always send promotional content from the same email address they already know.
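The early-warning idea from the "Maintain Continuous Vigilance" tip, as an added example that is not part of the original article: a small monitor that compares each minute's request count with a moving baseline and names the busiest client, so an alert fires before the site stops responding. The log format, thresholds, addresses and function names are assumptions made for illustration.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Assumed format: common/combined access log. All sample data is constructed.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "')

def parse(line):
    """Return (client_ip, minute_bucket), or None for unparseable lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    return m.group(1), ts.replace(second=0)

def early_warning(lines, factor=3.0, alpha=0.3, min_requests=20):
    """Return one alert per minute whose request count exceeds
    factor x the moving-average (EWMA) baseline of earlier quiet minutes."""
    per_minute = defaultdict(Counter)
    for line in lines:
        rec = parse(line)
        if rec:
            per_minute[rec[1]][rec[0]] += 1
    alerts, baseline = [], None
    for minute in sorted(per_minute):
        clients = per_minute[minute]
        total = sum(clients.values())
        if baseline is not None and total >= min_requests and total > factor * baseline:
            top_ip, top_hits = clients.most_common(1)[0]
            alerts.append({"minute": minute.strftime("%H:%M"), "requests": total,
                           "baseline": round(baseline, 1), "top_client": top_ip,
                           "top_share": round(top_hits / total, 2)})
        else:
            # Learn only from quiet minutes so a flood cannot raise the baseline.
            baseline = total if baseline is None else alpha * total + (1 - alpha) * baseline
    return alerts

def sample_log():
    """Constructed traffic: about 10 requests/minute, plus a burst at 12:03."""
    lines = []
    for minute, normal, flood in [(0, 10, 0), (1, 12, 0), (2, 11, 0), (3, 12, 48), (4, 9, 0)]:
        for i in range(normal):
            lines.append(f'198.51.100.{i + 1} - - [27/Nov/2023:12:{minute:02d}:{i:02d} +0000] "GET /cart HTTP/1.1" 200 512')
        for i in range(flood):
            lines.append(f'203.0.113.7 - - [27/Nov/2023:12:{minute:02d}:{i:02d} +0000] "GET /search HTTP/1.1" 200 128')
    return lines

if __name__ == "__main__":
    for alert in early_warning(sample_log()):
        print(alert)
```

A high `top_share` points to a single noisy source, while a spike with a low share suggests distributed traffic that needs the upstream or on-premises defenses described in the earlier tips.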