- More than 317 million new pieces of malware were created last year, meaning that nearly one million new threats were registered each day.
- Only 12% of companies indicated that the level of their network security was “very mature”
No locale, industry or organization is bulletproof when it comes to cyberattacks. Some are notably more represented than others. But from big to small companies—everybody could become a victim of cybercrime. Whereas large companies seem to be preferred targets, they often have better security measures. Because of that, cybercrime is aimed increasingly at small and medium-sized businesses. Besides fraud, this notably involves industry espionage in startup- and supplier categories.
The foundation for safe information and communication technology is a secure network. Professional hackers have an ever-expanding repertoire of attack methods at their disposal—companies must constantly adapt their network security systems to counter them. Three essential components of this are the establishment of a virtual private network, of firewalls and the use of anti-DDoS measures.
Safe access through VPN
To give employees, customers and partners secure access to the company network, a virtual private network (VPN) is the instrument of choice. VPNs encrypt and tunnel all Internet traffic between user and VPN servers so third parties cannot intercept or disrupt processed data. VPNs work by overlaying a a public with a private network, effectively encrypting the information that passes through the identical physical infrastructure. A VPN can be used like a closed user group and makes safe access from all integrated devices possible.
Firewalls: Keep out unauthorized users
Another option to permit only known and trusted traffic to a company’s network is a firewall. In addition to keeping unauthorized users out it can be used to review access logs regularly and detect potentially suspicious activity. However, the research and advisory company Gartner found out that 95 percent of all firewall breaches are caused by misconfiguration and not by planning and setup flaws – highlighting that individually designed firewalls tailored to the needs of the relevant companies are needed. Both safety measures, VPNs and firewalls, must be installed on routers. That way, anyone or anything connected to the network will automatically be protected without requiring everybody to take extra steps every time they connect.
Under DDoS attack
Distributed denial-of-service (DDoS) attacks are still a very popular form of cyberattack. They are mainly aimed at larger companies, public institutions and services connected to e-commerce and banking. For them, anti-DDoS measurements are essential. A DDoS attack is an attempt to make a website unavailable by overwhelming it with manipulated or redirected traffic from multiple sources. The homepage or service can then no longer respond to normal requests. The damage can be substantial: 50 percent of organizations “would lose at least 100.000 US dollars per hour in a peak-time DDoS-related outage, 33 percent would lose more than 250.000 US dollars per hour,” says the March 2016 McAfee Labs Threats Report.
As you see, a security concept is highly important for all kinds of companies, but especially if you are in e-commerce. VPNs, firewalls and anti-DDoS measures can keep a company’s network secure, clean your traffic and allow you to run your business normally even if you’re under attack.
Guidelines for securing your network:
Check: Examine your network security design by conducting a security audit and identify gaps
Plan: Develop a customized security strategy
Deploy: Integrate appropriate measures, like perimeter network security devices, strong and multiple passwords, firewalls, secure VPNs (for example out of the cloud, via CloudVPN) and anti-DDoS management. Customize operating models from on premise to cloud solutions
Secure hosting: Host your Network Services in a high-security certified data center
Increase awareness: Raise consciousness and understanding of the security guidelines by means of employee training