Connect with us

Cloud

Five Ways to Maximise the Security, Performance and Reliability of Your Online Business

Published

on

Written by Bashar Bashaireh, Managing Director, Middle East & Turkey, Cloudflare

With a shift to digital transformation, enterprises face new challenges and opportunities for growth — from anticipating and meeting customers’ digital needs to mounting a strong defence against web-based attacks, overcoming latency issues, preventing site outages, and maintaining network connectivity and performance. When optimizing the online customer experience, enterprises need to adopt a strategy that integrates robust site security, performance, and reliability. Although this strategy involves many components, here are five key considerations that can help businesses meet customer needs and provide a secure and seamless user experience:

Leverage DNS and DNSSEC support to maximize availability and uptime
Frequently referred to as the ‘phone book of the Internet,’ DNS (domain name system) translates domain names into numeric IP addresses and enables browsers to load Internet resources. As DNS attacks become more prevalent, businesses are starting to realize that a lack of resilient DNS creates a weak link in their overall security strategy.

There are multiple approaches that companies can take to deploy a resilient DNS strategy. They can get a managed DNS provider that hosts all DNS records, offers query resolution at multiple nodes globally, and provides integrated DNSSEC support. DNSSEC adds a layer of security to the domain name system by adding cryptographic signatures to existing DNS records.

Companies can also build additional redundancy by deploying a multi-DNS strategy — even if the primary DNS goes down, secondary DNS helps keep the applications online. Large enterprises that prefer to maintain their own DNS infrastructure can implement a DNS firewall in conjunction with a secondary DNS. This setup adds a security layer to the on-prem DNS infrastructure and helps ensure overall DNS redundancy.

Accelerate content delivery by routing traffic across the least-congested routes
Today, the majority of web traffic is served through Content Delivery Networks (CDNs), including traffic from major sites like Amazon and Facebook. A CDN is a geographically distributed group of servers that help provide fast delivery of Internet content to globally dispersed users and can also reduce bandwidth costs.

With servers in multiple locations around the globe, a CDN is able to distribute content closer to website visitors, and in doing so, reduce any inherent network latency and improve page load times. CDNs also serve static assets from cache across their network, reducing the number of requests being made to hosted web servers and resulting in lower bandwidth and hosting costs.

Minimize the risk of site outages by globally load-balancing traffic
Maximizing server resources and efficiency can be a delicate balancing act. Cloud-based load balancers distribute requests across multiple servers in order to handle spikes in traffic. The load balancing decision takes place at the network edge, closer to the users — allowing businesses to boost response time and effectively optimize their infrastructure while minimizing the risk of server failure.

Protect web applications from malicious attacks
When securing web applications and other business-critical properties, a layered security strategy can help defend against many different kinds of threats.

  • Web application firewall protection – A web application firewall, or WAF, protects web applications by filtering and monitoring HTTP traffic. Cloud-based WAFs are typically the most flexible and cost-effective solution to implement, as they can be consistently updated to protect against new threats without significant additional work or cost on the user’s end.
  • DDoS attack protection – A DDoS attack is a malicious attempt to overburden servers, devices, networks, or surrounding infrastructure with a flood of illegitimate Internet traffic. By consuming all available bandwidth between targeted devices and the Internet, these attacks not only cause significant service disruptions but have a tangible and negative impact on business as customers are unable to access a business’s resources.
  • Malicious bot mitigation – Sites may become compromised when targeted by malicious bot activity, which can overwhelm web servers, skew analytics, prevent users from accessing webpages, steal user data, and compromise critical business functions. By implementing a bot management solution, businesses can distinguish between useful and harmful bot activity and prevent malicious behaviour from impacting user experience.

Keep your network up and running

  • Protect your network infrastructure – It’s not enough to just protect web servers. Enterprises often have on-premise network infrastructure hosted in public or private data centres that needs protection from DDoS attacks, too. Many DDoS mitigation providers rely on one of two methods for stopping an attack: scrubbing centres or on-premise scanning and filtering via hardware boxes. The problem with both approaches is that they impose a latency penalty that can adversely affect a business. A better way to detect and mitigate DDoS attacks is to do so close to the source — at the network edge. By scanning traffic at the closest data centre in a global, distributed network, high service availability is assured, even during substantial DDoS attacks. This approach reduces the latency penalties that come from routing suspicious traffic to geographically distant scrubbing centres. It also leads to faster attack response times.
  • Protect TCP/UDP applications – At the transport layer, attackers may target a business’s server resources by overwhelming all available ports on a server. These DDoS attacks can cause the server to respond slowly to legitimate requests — or not at all. Preventing attacks at the transport layer requires a security solution that can automatically detect attack patterns and block attack traffic.

In conclusion, creating a superior online experience requires the right security and performance strategy — one that not only enables enterprises to accelerate content delivery, but ensures network reliability and protects their web properties from site outages, data theft, and other critical attacks.

Cloud

Proofpoint Boosts UAE Investment to Meet Growing Demand for Cloud Cybersecurity Services

Published

on

Proofpoint has announced that its human-centric security solutions would be delivered through a local data centre in Dubai, United Arab Emirates. The launch was announced during Proofpoint’s Protect Tour in Dubai this week, during a keynote delivered by Sumit Dhawan, CEO at Proofpoint.

Trusted by 50% of the UAE and KSA-based companies listed in the Forbes Global 2000, Proofpoint’s comprehensive AI-driven cybersecurity solutions help organizations navigate today’s complex threat landscape with confidence, delivering robust protection. Available in Q1 2025, Proofpoint’s offerings will enable UAE-based customers to comply with local data residency policies and meet regulatory compliance.

The cyber threat landscape in the UAE continues to evolve. While Emirati CISOs continue to fear cyber-attacks, they are demonstrating increasing confidence in their ability to defend against them. Proofpoint’s 2024 Voice of the CISO Report reveals that two-thirds (66%) of CISOs in the UAE feel prepared to cope with a cyberattack, an increase from 43% last year. This growing confidence may be attributed to the 89% of Emirati CISOs surveyed looking to deploy AI-powered capabilities to help protect against human error and advanced human-centered cyber threats.

To address this, Proofpoint’s ongoing investments in the region will help organizations in the UAE address human-centric cybersecurity risks, providing the opportunity to benefit from Proofpoint’s market-leading email security solutions, running through an in-country data centre. Proofpoint Email Protection is the only AI/ML-powered, cloud-based threat protection platform that disarms today’s advanced attacks, including email fraud, ransomware, weaponized URLs, multifactor authentication (MFA) bypass for credential phishing, and more.

“Organizations in the United Arab Emirates face a rapidly evolving threat landscape and our main objective over the coming years is to continue protecting even more companies in the region, with innovative, AI-powered solutions,” said Sumit Dhawan, CEO at Proofpoint. “Our solutions being delivered through local a data center underscores our unrelented investment in a key region for us and highlights our commitment to keep pace with the region’s accelerating digital transformation. This will enable organizations in the UAE to roll out multi-layered, cloud-native cybersecurity protection that safeguards people and data from today’s biggest threats, while keeping their data in-country.”

Proofpoint Middle East by the Numbers:

  • Proofpoint is trusted by 50% of the UAE and KSA-based companies listed in the Forbes Global 2000 and protects more than 1,200,000 employees across the Middle East.
  • Proofpoint’s Middle East customer base saw a growth of more than 20% in 2024, with continued growth at-pace expected in the coming years
  • Since 2019, Proofpoint has increased its employee base by more than 40% across the region
  • Proofpoint works with over 550 partners across the Middle East, Turkey & Africa

“Organisations in the Middle East are leading the charge in implementing cybersecurity measures to protect their customers from today’s threat landscape,” said Emile Abou Saleh, Vice President, Northern Europe, Middle East, Turkey and Africa at Proofpoint. “At Proofpoint, we remain committed to empowering organizations with the tools and knowledge needed to safeguard their most valuable assets—their people. With our solutions being delivered through a local data center, we will bring our industry-leading human-centric cybersecurity to more organizations in the region, while better meeting local customer and regulatory needs.”

Continue Reading

Cloud

SolarWinds Survey: Only 18% of IT Professionals Satisfied with Cloud Infrastructure

Published

on

According to new data from SolarWinds, less than one in five (18%) IT professionals believe their present cloud infrastructure satisfies their business needs, indicating a large disconnect between expectations and reality when it comes to cloud adoption. The research, based on a survey of 272 global IT professionals, shows that despite the cloud’s promises of scalability and cost savings, the reality is mixed for many IT teams: only a quarter of those surveyed (25%) feel their organisation’s approach to the cloud is carefully considered and successful, while 23% admit their hybrid cloud strategy has created an overly complex IT environment. Despite this, less than a quarter (22%) of respondents have invested in external IT services to help with their cloud migration strategy.

In response to these cloud challenges, more than one in ten (16%) respondents have already repatriated workloads back to on-premises. Meanwhile, a further 12% acknowledge that poorly planned cloud transitions have already resulted in long-term financial impacts on their organisations. This goes to show that rushed cloud migrations can lead to costly fixes or reversals.

The data also indicates a lack of trust in cloud security, with nearly half (46%) of IT pros still storing their most sensitive data on-premises due to persistent security worries. However, the findings do highlight a continued focus on cloud strategies to reduce costs. Nearly a third (29%) of respondents say they are prioritising cloud migration to cut operational costs.

Commenting on the findings, Sascha Giese, Global Tech Evangelist at SolarWinds, said, “The truth is, managing complex hybrid-cloud ecosystems isn’t easy. While the cloud promises scalability and cost savings, the gap between expectation and execution is becoming increasingly evident. In this landscape, many businesses find themselves grappling with overly complex infrastructures that struggle to meet evolving needs.”

In a hybrid cloud world with increasingly complex networks, systems, devices, and applications, managing microservices and containers adds to the challenge. Without proper planning and comprehensive visibility, organisations risk finding themselves in a dire situation. Tool sprawl, information silos, and alert fatigue can all lead to an unpleasant cloud experience, making it harder to identify the root causes of complex issues.

“To overcome these challenges, IT leaders must adopt a more strategic and informed approach to cloud migration, focusing on tools that are reliable, secure, and accelerate modernisation. One key advantage businesses can leverage to successfully manage their hybrid cloud infrastructures is comprehensive observability. That means gaining real-time visibility into every layer of the IT estate and acting proactively with the assistance of machine learning algorithms and AI-driven analytics. Cloud infrastructure can be a powerful growth enabler, but with a mess of mismatched tools and poor visibility, it will be a bumpy ride,” added Giese.

Continue Reading

Cloud

Fortinet Boosts Cloud Security by Introducing Lacework FortiCNAPP

Published

on

Fortinet has announced the general availability of Lacework FortiCNAPP, a unified, AI-driven platform to secure everything from code to cloud from a single vendor. “Lacework FortiCNAPP is based on Lacework’s proven cloud-native application protection platform with tight integration with the Fortinet Security Fabric,” said John Maddison, Chief Marketing Officer at Fortinet. “We’re pleased to expand our cloud-native security offerings and provide the industry’s most comprehensive, full-stack cloud security platform that empowers teams to seamlessly eliminate risk across their multi-cloud environments.”

The introduction of Lacework FortiCNAPP offers additional benefits that extend beyond Lacework’s leading offering. These include automated remediation and blocking of active runtime threats and enhanced visibility into FortiGuard Outbreak Alerts, which provide key information about new and emerging threats and the risk they pose within an organization’s environment.

As customers continue to adopt cloud infrastructure and services, they are quickly realizing that traditional security tools simply lack the native capabilities required to address the scale, velocity, and dynamic nature of the cloud. Security teams are fundamentally challenged by the lack of time to address cloud security at scale due to limited cloud security knowledge, a proliferation of cloud security products that do little to help customers resolve issues, and an overwhelming number of security and compliance alerts.

With Lacework FortiCNAPP, Fortinet simplifies and strengthens cloud security with a unified platform from a single vendor that brings together multiple tools to significantly cut down the time to detect, prioritize, investigate, and respond to cloud-native threats. Lacework FortiCNAPP introduces a unique AI approach that never stops learning, maximizing cloud security with minimal time and effort for development, operations, and security teams by automatically connecting risk insights with runtime threat data, and ensuring that the most critical issues are prioritized and addressed.

Fortinet enables customers to address all their cloud security needs by delivering key features such as:

  1. A unified platform: Fragmented tools create complex, expensive, and limited protection. As a platform, Lacework FortiCNAPP provides full visibility from code to cloud and correlates build and runtime risk and threat data to prioritize what matters most.
  2. AI-based anomaly detection: Given that cloud threats evolve as quickly as the cloud itself, creating rules for every potential attack scenario is nearly impossible. Lacework FortiCNAPP’s AI-based anomaly detection allows security analysts to detect previously undefined attack patterns that traditional rules-based systems cannot accomplish.
  3. Integrated code security: Code security integrated with cloud security empowers teams to address issues at the earliest and most cost-effective stage in the application life cycle. By offering code security as an integral capability within the platform, customers can save time and money by fixing security issues, and reducing the risk of vulnerable applications and infrastructure while maintaining developer productivity and innovation velocity.
  4. Composite alerts: Lacework FortiCNAPP is unique in detecting early signs of active attacks by automatically correlating various signals into a single, high-confidence composite alert. The platform uses behavioural analytics, anomaly detection, in-house threat intelligence, and insights from cloud service provider activity logs and threat services to identify active attacks, including compromised credentials, ransomware, and crypto-jacking.
  5. Integrations with the Fortinet Security Fabric: Integrations with Fortinet solutions such as FortiSOAR enable customers to streamline their response to active runtime threats, such as compromised hosts and compromised access keys, through automated remediation playbooks. Additionally, its integration with FortiGuard Outbreak Alerts helps teams understand how Lacework FortiCNAPP delivers enhanced visibility and deeper insights into the latest threats and where the solution can disrupt potential attacks.
  6. Cloud Infrastructure Entitlement Management (CIEM): Lacework FortiCNAPP provides CIEM with complete visibility into cloud identities and their permissions. It automatically discovers identities, assesses net-effective permissions, and highlights excessive ones by comparing granted versus used permissions. Each identity is assigned a risk score based on more than 30 factors, helping prioritise high-risk identities. Lacework FortiCNAPP also offers automated remediation guidance for right-sizing permissions, ensuring least-privileged access.
Continue Reading
Advertisement

Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.