What security products do you need to prepare for Black Friday?
Web Hosting Blog
Black Friday is a dangerous time for both consumers and businesses. Hackers and cyber criminals often take advantage of the chaos that is online shopping on Black Friday and launch their attacks on unsuspecting eCommerce stores.
It’s your responsibility to keep your site, and your customers secure during this busy period. But don’t worry, there are a few products on the market to make this easier for you.
In this blog we are going to be taking a look at three products you need to stay safe:
SSL Certificates
One of the most common methods used to steal data from websites is by placing a small, undetected listening program on the server hosting a website. That program waits in the background until a visitor starts typing inform ation on the website, and it will activate to start capturing the data and then send it back to the hacker.
This information could be anything from an email address to a customer’s bank details. Just imagine the impact that could have on your business? If your customers spread the word that your site is unsafe, people will avoid buying from your site.
So how do you stop this from happening? By having an SSL certificate!
SSL certificates are small data files that cryptographically confirm this encrypted link between a web server and a browser — ensuring that all data shared is private.
With an SSL, your customer’s browser will connect with their web server, examine the SSL certificate, and then secure their browser and the server. This secure connection means no one besides you and your customer can see or access what they type.
When a customer visits a website encrypted with SSL, their browser forms a connection with the web server, looks at the SSL certificate, and then binds their browser and the server, ensuring no one besides your site can see or access what you type.
This connection happens instantly; some suggest it’s faster than connecting to an unsecured website.
Companies that request personal information from a user, such as an email address or payment information, should have SSL certificates on their website. Having one means that the details you are collecting are private and ensures the customer that when they see that padlock and HTTPS://, their privacy is safe.
To find out more about SSL’s you can read our guide to picking the right SSL certificate here and our blog or free vs paid SSL’s.
DoS and DDOS protection
DoS (denial-of-service) and DDOS (distributed denial-of-service) attacks are when attackers attempt to block legitimate users from accessing information or services by flooding a network with requests, overwhelming the targeted system’s bandwidth, and preventing legitimate requests.
While both attacks work the same way, the critical difference is that a DoS attacker uses a single computer and internet connection. In contrast, a DDoS attack utilises multiple connected devices – making it more difficult to deflect.
The easiest way to protect your site against DDOS attacks is to update your server security. Not only will this protect you from DDoS attacks it will also protect against server vulnerabilities.
You must also have a good understanding of your site’s traffic, so you can identify the symptoms of a DDoS attack when unusual activity occurs.
If you have the resources, you can also scale up your bandwidth. The more bandwidth you have, the harder it is to overwhelm the network.
Plus, you can also opt for a load-balanced solution. Although this doesn’t prevent an attack, it would prevent downtime if you are attacked because the other server in your setup would assume your site’s hosting and services.
There is a wide range of anti-DDoS hardware and/or software on the market that you can use to prevent an attack from happening. Take a look at the products available at CWCS and read our in depth blog on What is DDoS attack and how do I prevent it?
Use a Firewall
Firewalls are one of the most important defences to safeguard your network, applications, and hardware devices. You can set it up on any server and computer.
Firewalls are hardware or software systems which act as a wall o between two or more networks – permitting authorised traffic and blocking unauthorised and malicious traffic accessing your network or system. You can also set a firewall to prevent specific applications from sending out information, reducing data theft risk.
They protect your network from threats on the internet, for example, DDoS attacks. Since eCommerce websites have a lot of inbound traffic, especially during sales season, you need firewalls to protect yourself from any malicious traffic entering.
The type of hosting you have can affect the kind of firewall that you use. For managed dedicated hosting, we recommend that you use a Cisco threat-focused NextGen Managed Firewall (NGFW), and for those with cloud hosting, we recommend the CWCS ArcusWall.
Finally….
Talk to your hosting provider about what measures they have to protect your site this black friday.
If you want to discuss your site security and hosting requirements, get in touch with a member of our team. Our experts are always happy to help you choose the right solution.