Of all the cybersecurity threats today’s businesses face, distributed denial-of-service (DDoS) attacks are among the most complex and devastating. This type of breach involves multiple compromised systems that work in conjunction to shut down service.
Although security technology is becoming more sophisticated, so are hackers, and you don’t want to be caught unprepared if (or more likely, when) your company’s data gets compromised. Below, a few members of Forbes Technology Council each offer one important prevention measure to help your IT department defend against a DDoS attack.
1. Continue To Add Layers Of Defense
Remain vigilant, continuing to add layers of security as they become available. Also provide your department with signs to look for so they have a better idea of potential threats. This provides for a much more proactive approach to security. - Chalmers Brown, Due
2. Practice Your Response Plan
Have a plan on what to do and who should do it, then do a dry run against it a few times a year. Go further than just your IT team - involve your vendors, executive team, etc. and ask for feedback on what would help them help you in the face of a DDoS attack. Update your plan each time. This practice helps your team execute fast and has the added benefit of showing those around you that you’re prepared. - Brian Fritton, Patch of Land
3. Use A Web Application Firewall (WAF)
A Web Application Firewall (WAF) is your best line of defense against a DDoS attack. It acts like an antivirus that blocks all malicious attacks on your website. It sits above your application at the network level to provide protection before the attacks reach your server. Using a WAF not only protects you against DDoS attacks, but also improves application performance and enhances user experience. - Thomas Griffin, OptinMonster
4. Leverage Cloud Services And Educate Yourself Continually
Cloud providers will handle security better than you can do in-house — especially if you’re a target. Even the U.S. government leverages cloud providers to consult and augment security. Amazon has DDoS mitigation services, and their DNS is both inexpensive and secure. Educate yourself to stay aware of the potential threats and mitigation services that are available to you. - Tim Maliyil, AlertBoot
5. Help Employees Educate Each Other
Since our inception, we’ve had a personal ‘buddy’ assigned to any new team member. They are responsible for teaching the new person all of the dos and don’ts of the department, and also get them more culturally aligned with the team/company. - Pin Chen, ONTRAPORT
6. Get Senior Management Involved In Security Planning
It is critical for companies to include senior management in DDoS prevention planning. Most attacks are due to poor ongoing security practices or setups. Ransomware attacks alone cost over $1B in 2017. Companies should consider cloud solutions that offer cost-effective managed security solutions, with ongoing security and maintenance updates, so that they can focus on building their core business. - Cristina Dolan, Trading Screen
7. Segment Your IoT Devices Behind A Firewall
While DDoS attacks are difficult to prevent, you can minimize the impact by enabling DDoS and flood protection on your organization’s firewalls. To restore order quickly in the event of an attack, develop a DDoS response plan. To minimize the chance of your IoT infrastructure being used in a DDoS attack, make sure all IoT devices are segmented on a dedicated safe zone behind a firewall. - Bill Conner, SonicWall