Evaluating DDoS Mitigation Solutions – 7 Key Factors

The rapid growth of the DDoS threats in recent years has been followed by an influx of mitigation solutions. Selection, however, can be tough. How do you assess, evaluate and differentiate between the DDoS mitigation service providers? What are the key factors to pay attention to? How can you ensure that a solution not only matches your business and technical requirements, but will also deliver on its promise on the day of an attack?

Many companies have relied in the past on traditional DDoS protection solutions, using complex hardware such as firewalls and load balancers. However, such solutions have proven costly and in many cases ineffective.

Here is a brief summary of seven practical guidelines that will help you evaluate solutions and assess their capabilities.

Before you begin…

Before you begin to examine available DDoS solutions, clearly identify your needs. For example :

·         How critical is downtime for your business?
For some companies a single hour of downtime can cost up to $20,000 and for others it can exceed $100,000 per hour. Will you need an “Always on” DDoS protection solution or an “On Demand” protection mode? 

  

·         What is your network architecture?
Is it a private network with on premise servers, does it include public cloud resources (AWS, Azure), a combination of both? This will determine the solution implementation flavor you need to look for (cloud protection, on premise appliance, or a combination of both). Naturally, a solution that can offer protection to a wide range of network implementation will save you time, training, and administration overhead.

·         What are your requirements in regards to monitoring DDoS related events and integrating data into your existing security/IT systems?

Here is a summary of the 7 key factors to help you choose the right DDoS Protection solution for your company:

1 – Attack coverage

Select a solution that provides protection against ALL major attack types – be it an attack on the application layer or SSL-based attack, a volumetric attack, or a multi-vector and continuous attacks.

2 – Mitigation capabilities

Drill down to examine mitigation details – Which attack volumes can the solution handle? What it its scalability? How quickly does it detect, notify and mitigate an attack?

3 – Mitigation capacity

Continuous DDoS protection will depend on the setup and availability of scrubbing centers, their distribution, connectivity and redundancy. Look for a DDoS solution that has worldwide coverage and enough total scrubbing capacity to handle several attacks simultaneously.

4 – Fully managed vs. self serve

DDoS requires highly specialized skills and expertise. Select a solution provider that will monitor your protected assets and provides a 24/7/365 response team capable of mitigating new zero-day DDoS attacks.

5- Self management

Make sure you have the flexibility and visibility to manage and control DDoS protection both from within the system itself, and if needed, from within your existing security systems.

6 – Support and SLA

Ensure the solution provides sufficient support and expert assistance during and following a DDoS attack and that you receive quantifiable assurances, such as a service level agreement.

7 – Total Cost of Ownership

Carefully examine the value vs. price balance so that you don’t compromise on protection quality due to  a cheaper price.  Select a solution that is priced based on legitimate traffic volume and that provides unlimited attack traffic capacity.

Here is a summary of the 7 key factors to help you choose the right DDoS Protection solution for your company.

In summary, selecting a DDoS solution cannot be done using a one-size-fits-all approach. You must adopt an informed process to choose a DDoS mitigation solution that fits your needs and can successfully defend you against ALL attack types, including massive network attacks, which compromise over 65% of today’s DDoS attacks.

Best Regards ,

Web Admin

LATVIK SECURE

LATVIK TECHNOLOGIES ™

www.latvikhost.com | https://latviksecure.blogspot.com

Data on 500 Million Guests Stolen in 4-Year Breach @ MARIOTT

Hospitality giant Marriott today disclosed a massive data breach exposing the personal and financial information on as many as a half billion customers who made reservations at any of its Starwood properties over the past four years.

Marriott said the breach involved unauthorized access to a database containing guest information tied to reservations made at Starwood properties on or before Sept. 10, 2018, and that its ongoing investigation suggests the perpetrators had been inside the company’s networks since 2014.

Marriott said the intruders encrypted information from the hacked database (likely to avoid detection by any data-loss prevention tools when removing the stolen information from the company’s network), and that its efforts to decrypt that data set was not yet complete. But so far the hotel network believes that the encrypted data cache includes information on up to approximately 500 million guests who made a reservation at a Starwood property.

“For approximately 327 million of these guests, the information includes some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date and communication preferences,” Marriott said in a statement released early Friday morning.

Marriott added that customer payment card data was protected by encryption technology, but that the company couldn’t rule out the possibility the attackers had also made off with the encryption keys needed to decrypt the data.

The hotel chain did not say precisely when in 2014 the breach was thought to have begun, but it’s worth noting that Starwood disclosed its own breach involving more than 50 properties in November 2015, just days after being acquired by Marriott. According to Starwood’s disclosure at the time, that earlier breach stretched back at least one year — to November 2014.

Back in 2015, Starwood said the intrusion involved malicious software installed on cash registers at some of its resort restaurants, gift shops and other payment systems that were not part of the its guest reservations or membership systems.

However, this would hardly be the first time a breach at a major hotel chain ballooned from one limited to restaurants and gift shops into a full-blown intrusion involving guest reservation data. In Dec. 2016, KrebsOnSecurity broke the news that banks were detecting a pattern of fraudulent transactions on credit cards that had one thing in common: They’d all been used during a short window of time at InterContinental Hotels Group (IHG) properties, including Holiday Inns and other popular chains across the United States.

It took IHG more than a month to confirm that finding, but the company said in a statement at the time it believed the intrusion was limited to malware installed at point of sale systems at restaurants and bars of 12 IHG-managed properties between August and December 2016.

In April 2017, IHG acknowledged that its investigation showed cash registers at more than 1,000 of its properties were compromised with malicious software designed to siphon customer debit and credit card data — including those used at front desks in certain IHG properties.Marriott says its own network does not appear to have been affected by this four-year data breach, and that the investigation only identified unauthorized access to the separate Starwood network.

Starwood hotel brands include W Hotels, St. Regis, Sheraton Hotels & Resorts, Westin Hotels & Resorts, Element Hotels, Aloft Hotels, The Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, Four Points by Sheraton and Design Hotels that participate in the Starwood Preferred Guest (SPG) program.

Marriott is offering affected guests in the United States, Canada and the United Kingdom a free year’s worth of service from WebWatcher, one of several companies that advertise the ability to monitor the cybercrime underground for signs that the customer’s personal information is being traded or sold.

The breach announced today is just the latest in a long string of intrusions involving credit card data stolen from major hotel chains over the past four years — with many chains experiencing multiple breaches. In October 2017, Hyatt Hotels suffered its second card breach in as many years. In July 2017, the Trump Hotel Collection was hit by its third card breach in two years.

This is a developing story, and will be updated with analysis soon.

Best Regards ,

Web Admin

LATVIK SECURE

LATVIK TECHNOLOGIES ™

www.latvikhost.com | https://latviksecure.blogspot.com

Healthcare Organizations Falling Behind on Cyber Risk Management

Only 29% of healthcare organizations report having a comprehensive security program in place.

Only 29 percent of healthcare organizations reporting having a comprehensive security program in place, and among those that do not have such a program, 31 percent are either not meeting with their executive committee or are meeting less than once a year to give security updates.

According to CHIME’s 2018 Health-Care’s Most Wired report, the maturity of a healthcare enterprise’s security program impacts its capabilities and protocols. For example, enterprises with a comprehensive security program are more likely to support critical security measures like data-loss prevention, BYOD management, database monitoring, provisioning systems, log management and adaptive risk-based authentication for network access.

Most organizations seem prepared for disasters to strike; 68 percent estimate that if a disaster caused complete loss of their primary data center, they could restore operations within 24 hours for their clinical, financial, supply chain management, and human resources and staffing systems. Regarding the adoption of 10 components critical to an incident response plan (see graphic), 26 percent of organizations have all 10, with the most adopted including documented EHR-outage procedures, security/privacy breach notification procedures and at least annual tabletop exercises.

Best Regards ,

Web Admin

LATVIK SECURE

LATVIK TECHNOLOGIES ™

www.latvikhost.com | https://latviksecure.blogspot.com