Preparing for D(DoS)-Day
Posted by lkehoe on Tue, 05/08/2014 - 15:38
How often do you hear the quote "By failing to prepare, you are preparing to fail" (Benjamin Franklin, 1727)? Sadly all too often and most commonly after a disastrous, or even catastrophic event, as people then take steps to mitigate the risk of such an event ever happening again.
Some careful thought coupled with a desire to "not be a victim" is a great start as preparation is key to defending yourself against the myriad of techniques in use today for DDoS attacks. The stress and huge costs associated with emergency handling of DDoS attacks can easily be avoided with some simple planning and forethought.
Take into account that DDoS attacks are no longer and if, but a when – so contingency planning is key to preparation. Outsourcing your DDoS attack mitigation solution to a specialist DDoS managed service provider is an ideal way to ensure that the appropriate expertise is available 24x7x365 to deal with all types of attack.
The number of attacks continues to increase along with their complexity and the two primary options for effective DDoS attack mitigation are on-premise devices and in-the-cloud. Ensure there is budget allocated for both options as they solve different problems. The pros and cons for each option must be evaluated but serious consideration must be given to implementing both to ensure maximum protection.
Things to look out for in your research include ensuring the commercial models for in-the-cloud options do not include any overage charges and the cleaning locations fit with your geographic compliance regulations relative to movement of data. Also make sure the service is sufficiently flexible to deal with large volumetric attacks and that the technical teams mitigating the attacks have extensive hands on experience.