Thursday, October 27, 2016

Weighing Internet availability and On premise systems

http://fortune.com/2016/10/23/internet-attack-perpetrator/

Our worst hacking fears came true on Friday as criminals deployed millions of everyday objects—internet-connected cameras, printers, and so on—to launch an attack on a critical part of the Internet. The attack was a success, crippling the websites of major companies like Amazon, Netflix and Twitter for hours at a time.


Many of our clients use cloud services for their critical business services and storage needs, and typically they have made some calculation basing the risk of availability and security against the cost of keeping equipment and services on site.  For companies like this the recent internet attacks on DYN have awakened that debate.

The availability of email is essential to continuing in business, and to save costs many companies use outsourced email providers-. It’s not just hardware—the servers, firewalls, spam filters, email archiving storage,--but also administration.  Email is a resource hog.  On the flip side, you have the potential for an attack on an external email provider, potentially bringing down the service completely:  Thousands of customers suddenly cut off from email! Can your company survive in today’s integrated environment without access to your email for days, weeks or even months?  What recourse do you have if your email is brought down by a malicious attack? How long will it take to recover once services are restored, if they are restored? Further complicating the issue for many companies is the use of IP telephony which can also be compromised in an internet attack.  Phones out, too!?  The whole scenario is pretty bleak, right?

So you need to ask these questions and more - - now, not later:
--If an attacker targets email services and internet telephony services how will your organization communicate with your customers and vendors?  Most companies today are so integrated with on line services that if the internet gets brought down for a couple of weeks they will have a hard time recovering.

--Does your Disaster Recovery plan include a section on a complete communication meltdown of the internet?

--How would your company survive if all your data is at a cloud provider and some nefarious hacker simply mixed up all your customer, accounting and payroll records so your staff could no longer access your databases reliably?

As a networking and storage focused company we believe there must be a balance between on-premise hardware and services and internet-based virtual solutions.  As we’ve seen, the risk of an internet based service provider being brought down is very real.  Based on the recent experience of DYN, we think that more companies must reconsider the risks associated with their cloud based solutions providers. If the internet is brought down, and you have your business information on premises, at least your company will be able to function after communications are restored.  If not, the dream of a virtualized world of internet-based services and storage for an integrated economy like we have today could quickly become a nightmare.  Don’t let it happen to you.

No comments: