LoadSpring Water Cooler

Welcome to our blog. See what's going on in our world.

Feb102018

Testing data security? It’s time to rethink your playbook.

data security

Putting Cloud Providers to the Test

By now we have all seen or heard that not having the right security measures in place can impact a company with massive financial and reputation damage. In the US alone, it is estimated that over $100 billion USD are spent every year in security costs, as well as exploits, and costs to recover from attacks.

Here’s a list of 6 of the most common security threats you may come across and what to do about them

  1. SQL injection attacks
  2. Cross-site Scripting (XSS)
  3. Brute Force
  4. Distributed Denial of Service
  5. Secure Sockets Layer (SSL) Vulnerability
  6. Ransomware

Although the most common attacks are SQL injection, cross-site scripting, brute force, DDoS, SSL Vulnerabilities, and ransomware, the most prevalent attacks specifically in the field of Cloud Project Management are SQL injection and cross-site scripting.

What is SQL Injection & the Onion Approach?

A SQL injection is a technique that is used to attack a database driven application by inserting SQL statements into an input field expecting to get input back. Once the attackers get the input, they execute specific statements that allow them to extract or inject data into the database.SQL injection attacks pose a high risk to the confidentiality and integrity of your data.It is critical for companies to have an onion type approach to security. Putting multiple layers in place to protect against attacks and common security mistakes is imperative.But, creating an onion type approach isn’t a system that you can setup, walk away from and feel safe. That kind of silver bullet simply doesn’t exist and you’ll never find it. It requires a commitment from your IT team to monitor alerts, network activity, and have enough ongoing obsession with security solutions.

At LoadSpring, impenetrable security for our Cloud-based Project Management and Engineering software solutions are all we think about.

Cross-site Scripting (XSS) is as easy as stealing cookies from a jar – or is it?

Cross-site scripting (XSS) is a client-side code attack where the attacker injects malicious code into a website. This type of attack is more common with applications that require user input.

Download our white paper to read about a recent attack with Equifax.

The biggest risks in XSS attacks are the loss of confidentiality and integrity of your data being that attackers would gain access and can enter bogus data.

How does LoadSpring protect against XSS attacks? Again, it is going to be through a mixture of different security layers. Aside from at least five main measures to protect against an XSS attack, we randomly execute an Intrusion Prevention System and an Intrusion Detection System. Read more here.

Don’t settle for less! Boost productivity and ROI with LoadSpring. Call +1 978.685.9715 or email information@loadspring.com.

Brute Force and dealing with bullies

Generally, a brute force attack is not a software vulnerability, but it targets weak passwords and common accounts. Companies can detect this type of attack through an unusual spike in memory or CPU usage of an application, meaning if an attacker is hammering an application it will impact its overall usability.

The risk here is that, if an account is compromised, the attacker can impersonate the user and obtain full access to data.

As with all types of attacks, it’s important to rely on several preventative measures to protect against a man-in-the-middle or brute force attack.

  • Penetration testing
  • Layered security
  • Require complex frequently changed passwords
  • Change default accounts
  • MPLS and IP restrictions
  • Federated authentication
  • Direct access prevention

Distributed Denial of Service (DDoS) – shoring up the floodgates

A DDoS is an attack where systems are compromised in an attempt to take an online service offline, or to prevent access by flooding the available bandwidth. This type of attack could happen directly against a data center, or against a critical service like your domain name system (DNS) provider. Your DNS provides visitors with access to your website or SaaS, so if an attacker is able to take it offline, legitimate users won’t be provided access.

The risk with a DDoS attack is more on the access side and has gotten worse with the rise of the Internet of Things (IoT).

Having multiple devices in place that automatically detect if there is high traffic coming from an area that is not a legitimate user is essential. A sound partnership with an ISPs can enables you to redirect attacker traffic to a black hole or a null route before it saturates your bandwidth.

MPLS is another measure to use against DDoS attacks being that it is a dedicated network independent from the internet attacks that go against primary websites.  If a DDoS attack is a concern, the best way to protect against it is with a direct MPLS connection.

Who goes there? Secure Sockets Layer (SSL) Vulnerability

An SSL vulnerability attack exploits older SSL versions and/or vulnerabilities in current versions of transport layer security (TLS), where, if compromised, it allows attackers to pose as the legitimate website through a man-in- the-middle attack.

If successfully exploited, an SSL vulnerability provides attackers with authentication information and enables them to gather information passively.

This attack is more unique to LoadSpring’s hosting style, since we may be required to host older applications or versions that have outdated patches and SSL versions. We see this often with Oracle Contract Management, Primavera P6, and some of their older versions.

LoadSpring protects against SSL vulnerabilities:

  • Penetration testing
  • MPLS and IP restrictions
  • SSL Offloading
  • Federated authentication
  • Patching

Ransomware. Paying big bucks to get your files back should not be your only option

Ransomware is a type of malicious software that has gotten significant media exposure lately. It exploits a website’s vulnerabilities and encrypts all systems granting access to the owner only after a ransom is paid.

A successful ransomware attack encrypts all data and blocks accessibility. Even when backups that are tested and validated are in place, it can still take between 33 and 72 hours to recover from a ransomware attack. For example, you are probably aware of the WannaCry ransomware attack in May 2017 that locked more than 300,000 computers in 150 countries.

Ransomware hits across multiple areas, so we execute more prevention measures to ensure the integrity of our customer data remains intact. See our complete solution here.

Business owners need to ask themselves, “how much data can we afford to lose?” Many backup schedules are performed nightly, or every eight hours, when in reality the business owner can’t afford to lose more than 15 minutes’ worth of data.

In the event of a direct ransomware attack, LoadSpring has backups in place that occur every 15 minutes to make sure that’s the most amount of data we would lose, which enables our customers to quickly roll back.

Complex Security for Complex Problems

When it comes to software, the more complex the application the more surface area there is for an attack against it. The enterprise applications we host are very complex, so our teams constantly go through and evaluate threats to ensure all the applications we host are protected regardless of the threat. Keep your Project Management Cloud safe from invaders, acts of nature and generally nasty situations. LoadSpring defends all. Call us today at 978.685.9715 or email information@loadspring.com.

Recommended Resources