Everyone is Excited for CyberMonday ? Your Vendors, Your Customers, and Hackers

Posts Tagged ‘security’

Everyone is Excited for CyberMonday ? Your Vendors, Your Customers, and Hackers

17 November 2011 Nessun commento

Less than 15 days until CyberMonday. Your warehouse is full. Your shipper is standing by. But have you considered what will happen at your website after a flood of qualified buyers click on the irresistible and precisely worded ad for your product or service? Now (not then) is the time to find out if your website can take the heat that CyberMonday will dish out.

The Yahoo! Network Insights team reveals that eCommerce retailers see a 73% increase in online conversions on the Monday following Thanksgiving (compared to the average shopping day in November). This means when consumers open their wallet on 11/30, they will be ready to buy.

You?ve got one shot, one day to win their holiday business, and you need to be totally sure your customers? data is completely secure, as hackers are just waiting to steal all of those juicy credit card numbers from the thousands of people coming to your site that day.

So how can you improve user experience and conversion for your eCommerce Web site on high traffic days like CyberMonday while ensuring their security? Creative elements aside, there a many technical intricacies that help make your Web site stand out online and stay secure.

Load times, load times, load times. When your Web server is underpowered, pages load slowly and can even fail making it appear that your Web site is down. If your Web site appears to be on the fritz, consumers a) won?t have the patience to wait on you to get it figured out or b) will lose faith in your ability to process orders successfully.

A Web site on the fritz raises questions in consumers minds and decreases the likelihood that they?ll hand over their hard earned money. Was my order received? Is this Web site capable of protecting my PII (personally identifiable information)? Could someone steal my credit card number? And you know what? These are totally legitimate fears. Hacker activity in the last year has increased drastically, and your buyers know it.

Nestling your precious eCommerce Web site in a reliable, High Availability hosting environment and deploying a content delivery network capable of quickly serving up all your high-quality product shots, video customer testimonials, and other heavy media files can help prevent the situation from ever becoming a concern.

Predators on the prowl. Like your telephone operators, cybercriminals are standing by to take orders. They attack your website forms with SQL injections. They use CSRF (cross site request forgery) to inject malicious code capable of stealing information or even redirecting unwitting consumers off your website which obviously prevents them from completing a purchase. Malicious malware installations can damage your search engine rankings and even get your website banned from Google altogether.

Now more than ever, cybercriminals attack without regard or preference for Windows or Linux. Surrounding the application with multiple varieties and layers of protection between your code and the outside world is the best way to shield your eCommerce website from hackers.

Locking down ports. Installing application-focused firewalls. Deploying IDS (intrusion detection systems). Patching regularly. Contingency plans and encrypted backup restoration. All of these devices and techniques must be executed with precision and enterprise-level expertise to stand a chance at warding off cyber attacks. And in the event the your Web site or application is breached, you?ll need a team of responsive, knowledgeable Support Superheroes to help get you back online quickly.

Help users find what they need FAST. The Google Mini Search Appliance applies Google-grade search algorithms to the content on your website so users can find what they?re looking for FAST, every time. The Google Mini search service works with all hosting platforms, so Windows and Linux users can benefit from its capabilities.

Highly configurable, the Google Mini gives you control over which content will appear in your web search results to assist visitors in finding the perfect gift quickly on CyberMonday. The Google Mini is capable of indexing content for large websites (up to 300,000 pages to be exact) so all the products in your eCommerce product catalog can be included.

Elicit confidence, solicit a sale. Once you?ve achieved a high comfort level with the foundation upon which your website resides, you can turn your sites back to fostering trust by incorporating website elements customers can see and appreciate.

SSL Certificates and Security Badges go a long way toward improving your website conversion rate. The type and grade of SSL you select does more than provide an eye-catching dose of confidence. Most SSL providers back their encryption with warranties and insurance for online shoppers and retailers alike, so the protection goes beyond ?feel good? sentiments to providing financial compensation in the event the SSL product?s capabilities are compromised.

So What Now? We?d be willing to bet that you?ve devoted the majority of your effort toward ensuring the ?physical? components of your shopping season (inventory, staff, packaging, etc) are in place. In the process, you may have inadvertently overlooked the most important factor of your CyberMonday success: Is your Web site capable to handle the influx of shoppers and is it capable of protecting their identity?

You still have time to assess your Web application?s hosting environment and take steps to improve your capabilities or remediate problems before November 30. You know the old adage, prepare for the worst, hope for the best. May you all have a profitable holiday season, with few gliches on your site, and nary a hacker to bah-humbug your business!

This article was featured in eCommerce Times.

Learn more about how we can secure your eCommerce website…

The Power of Dedicated Servers. The Scalability of Cloud Hosting. The Result ? One Cloud Servers.

17 May 2010 Nessun commento

EngineNetworks believes every business is entitled to protection from malicious hacker schemes. This mantra resonates in every decision we make and drives the daily activities for each and every agent of our organization.

We constantly strive to make enterprise-grade hosting features available for companies of all sizes, and VMWare?s vShield? capabilities (introduced last summer) have helped fulfill our mission. vShield? marks a significant advance in virtualization technology by providing a ?shared [multi-tenant] computing resource pool, while still maintaining trust and network segmentation of users and sensitive data.?

We quickly realized adding vShield? to our secure hosting infrastructure would make it possible to package the power and privacy of dedicated servers with cloud-like scalability, and our technology staff has worked tirelessly since the announcement to devise the right solution.

The result of their hard work is an affordable, compliance-ready Cloud Server with all the tools necessary to protect your customers? personally identifiable information (PII) and payment card information from hackers without hiring your own internal IT security staff.

Our new offering combines the best features of Dedicated and Cloud hosting into one, affordable Cloud Server. This service is new to the hosting marketplace and unique to EngineNetworks, so we?ve made it easy to compare how our Cloud Servers stack up against popular options. ?When security and affordability are key factors in your consideration set, we make it an easy decision,? said Engine Networks CEO and founder.

The standard features of our new Cloud Server proves we?re more serious than ever about providing security for all.

  • Redundant firewalls help ensure uninterrupted protection from malice on the Web.
  • Redundant web application firewalls provide protection at the application level, where many hackers find a ?back door?.
  • Intrusion protection and DoS/DDoS mitigation suppress ?in your face? style attacks.
  • Encrypted backup, server monitoring and proactive response are just a few of the managed hosting services available to keep web applications running smoothly.

In addition, each Cloud Server has cloud-like scalable resources available at a moments notice.

  • Scale up to four processors and 32 GB of memory quickly as website traffic grows.
  • Tack on Terabytes of easily accessible SAN space
  • Increase resources in anticipation of marketing events and scale back down to what you need once business returns to usual
  • Improve business continuity with premium services like load balancing and high availability switching

Virtualized servers provide scalable resources and on a flexible schedule to help ensure loss of revenue, user dissatisfaction, and brand damage due to downtime never happen.

?EngineNetworks puts each customer inside its security infrastructure, similar to what is found in an enterprise datacenter with the different being the multi-tenancy of the hoster. This is an interesting approach that we believe will work for many customers. So long as the customer does not have particular customized security requirements, they can comfortably fit within this architecture and enjoy security and be in compliance.?

Learn more about how our advanced, Cloud Server configurations can help your business.

What is Your Disaster Recovery Strategy?

29 November 2009 Nessun commento

Have you ever been working on an important document for hours on end, and when you are close to completion, lose everything because you forgot to save it periodically, or worse, the computer you were using crashed? This scenario has happened to all of us at one point or another. The same scenario can be scaled up to servers and entire businesses. It is a fact of our industry that a catastrophic failure of a component, security update, or other possible issue could arise, taking down the system(s) you depend upon. Many start-ups and small to medium sized businesses underestimate the value of being prepared for disaster by having backups, load balancing, or redundancy within their sites and systems. Some feel that this scenario could not happen to them, or that the costs involved in being prepared outweigh the risk.

There are some simple precautions as a responsible business or technical person you can do to help prevent or mitigate the severity of such scenarios, such as building a Disaster Recovery Strategy. Your particular strategy may vary from others, but the overall preparedness for building a DR plan is usually the same. For the purposes of this article, we will focus on a single server plan, but this can be easily scaled up to multi-server configurations and complex designs:

Software
Have you identified all software your business requires to function should a failure occur? What software is installed on your machine? Do you have copies of this software to reinstall, along with any license keys if it was not supplied by your provider?

Open Files and Databases
Are you running any databases, or have applications that keep open files on the system that are needed in the event of failure? Are you dumping the database(s) into an importable format and backing it up regularly?

User Data
Are you making copies of the data uploaded by your users or developers? Do you have backups of your website content? What about the user accounts and passwords used by your users?

Security Updates
Is your system up to date with the latest security updates for your Operating System? Is your OS outdated and has no updates available? More system failures occur from hacker intrusion versus hardware failure.

Back-ups
Do you subscribe to or use a back-up service? Even if you are, are you prepared for the length of time involved on bringing your system back online after failure?

Redundancy
Your system is only as strong as its weakest component. RAID, while it is good for protecting data in the event of a drive failure does not protect you against hackers or accidental file deletion. Even if you have a completely redundant load balanced cluster, you could be susceptible to hacker intrusion and loss of data should you not keep up to date on security updates.

Firewall
Do you use a firewall on your system? If so, what ports are open to the outside world? Are the services on those ports kept up to date? Do you analyze the log files for those services and look for attempts at break-ins? Firewalls are good for protecting systems against hackers, but the firewall is only part of your security. Remember that the services you allow people to connect to could be vulnerable to break in, and therefore should be watched closely.
This article is not meant to scare you, but is intended for you to understand that there are several risks to businesses that can and should be prepared for. The better you are prepared and understand the risks on the Internet, the more profitable and successful you will be with your business.

If you are concerned about your ability to recover from a disaster, please feel free to contact your sales person and discuss how they can help you with your system. Or, if you have questions about your existing systems or protection against disaster, please contact our technical support personnel, and they will be happy to assist you.

Engine Technology Srl

Engine Technology S.r.l., Systems Integrator, Outsorcing Services Provider ed Internet Service Provider in grado di fornire soluzioni in ambito ICT ad alto contenuto tecnologico per aziende di ogni dimensione presenti in Italia, Svizzera, Francia e Germania.

Contact:

Engine Tecnhnology Srl -
C.so Svizzera 185
10149 Torino
Phone: +39 011 0883130
Mail: [email protected]

Visita il sito della divisione engine.technology la quale si occupa delle soluzioni di System Integration & Progettazione IT.