How to Evaluate DDoS Prevention Services
Does your business need to be proactive to prevent a distributed denial-of-service (DDoS) attack? Would you leave your store or home unlocked? Would you leave your work laptop open and unattended if you left the premises to go retrieve something from your car? Why do I keep asking these blatantly softball questions?
All kidding aside, recent Akamai analysis of the DDoS threat landscape revealed that this type of attack is up 16% in the past year alone. When you drill down into how criminal actors are evolving, the stats get grim. Attacks against applications have increased by 38% in the last year.
New forms of DDoS are cropping up all the time, including the “Memcached” technique, which had not been used before the GitHub attack.
If your organization gets hit with a DDoS attack, you could experience such a high volume of requests flooding your application server that your security tools are unable to mitigate the volume, and your websites and applications crash for hours on end. A DDoS attack could leave your employees unable to perform their jobs, and your customers unable to access your website, apps, or other necessary data.
Evaluating DDoS Prevention Services
The cybercrime landscape is complex and evolving quickly. Understanding the right solutions and services isn’t simple. We’ll help you understand how to evaluate DDoS prevention services.
What are DDoS Prevention Services?
DDoS prevention services are managed IT security services which combine best-of-breed security solutions and infrastructure with the expertise of security analysts to detect and prevent DDoS attacks before they occur. When prevention analysts discover a potential threat, they perform data analysis and use methods such as traffic redirection to protect clients from DDoS attacks.
DDoS prevention services are the first line of defense, but they are often combined with DDoS protection services, which are typically cloud-based software applications designed to automate protection. DDoS protection mitigates an attack that slips through initial defenses. Protection services isolate the attack, stop it, and eradicate it.
Managed DDoS services may include several levels of protection against nefarious network intrusions, depending on a client’s needs, risks, and budget. Leading options offer 24/7 support, transparent reporting, and active configuration management so businesses can actively block high-risk categories of traffic.
Security expert Tracy Kitten recommends that organizations take a holistic approach to planning for DDoS risks by ensuring their prevention provider offers all of the following:
- Sophisticated technologies for monitoring and mitigation
- Active risk assessments, with the help of a vendor or service provider
- Trained mitigation and response experts
Who Needs DDoS Prevention Services?
Every business is at risk of DDoS attacks in 2018. Trying to proceed without prevention services is like leaving your store or house unlocked and open to criminals. A 2018 global study concluded that in a recent quarter “we observed a significant increase in both the total number and duration of DDoS attacks.” Organizations across industries and around the globe are at risk for suffering floods which create devastatingly expensive downtime.
Small businesses or organizations in industries that don’t think they’re likely targets for an attack may be facing greater threats than previously believed. In recent months, DDoS attacks have become more sophisticated and complex. According to one NETSCOUT Arbor study, 59% of DDoS victims suffered a multi-vector attack. This type of threat combines several types of attacks, including high-volume floods and attacks on applications, making it virtually impossible for businesses with traditional DDoS protection solutions to defend themselves.
The costs of suffering a DDoS attack are estimated between $20,000 and $100,000 per hour—a price which would be devastating for many organizations. More than two-thirds of DDoS attack targets were hit with more than one attack in a single study year, according to the same report. “Along with revenue loss, companies also experience customer and employee churn as well as reputational damage,” says researcher Gary Sockrider.
Learn more in What You Need to Know About DDoS Attacks.
How to Find a DDoS Prevention Service Provider
If your organization is dependent on data and technologies to do business, DDoS attacks are a very real risk. With the increased volume and sophistication of attack trends in recent months, technology-based solutions are generally insufficient. Organizations need to combine technology and expert analysts for a proactive response before they suffer costly downtime. The following questions can help you find the right DDoS service provider for your needs:
1. Do You Have Dedicated Threat Intelligence Analysts?
It’s critical that a DDoS prevention service offers human analysts to act as a buffer between the technology and clients. One recent study showed 27% of security operations analysts face a million or more alerts each day—the vast majority of which don’t require any action. Analysts are a critical component of the service to avoid concerning and overwhelming false positives, and design a proactive response when needed.
2. Is Your Staff Experienced?
Seconds can count when it comes to putting a plan into place to prevent an attack. Ensure a prospective DDoS prevention provider offers highly trained, skilled analysts with front-line knowledge, as opposed to individuals with little real-world experience.
3. Do You Serve Clients Like Us?
Years of experience matter when it comes to selecting a DDoS provider, but industry-specific experience matters, too. Ensure a prospective service can competently handle the needs of your organization’s size, industry, regulatory requirements, and other unique factors.
4. How Do You Mitigate Malicious Traffic?
Ideally, your DDoS service provider should protect against threats in two ways: proactive traffic monitoring and immediate traffic redirection when a DDoS threat is detected. Ensure you’ll receive always-on access control lists and proactive monitoring and response capabilities.
5. Can You Protect My Cloud or Co-Located Servers?
If you don't host application servers on-site, ensure your service provider can accommodate your infrastructure and collaborate with your hosting provider on DDoS protection. If applicable, it may also be wise to inquire if they offer any other managed IT, business communications, or cloud services to enhance your security posture.
6. Do You Offer a Service-Level Agreement (SLA)? What is Your Record?
Any exceptional DDoS prevention service provider should be committed enough to risk mitigation to offer guarantees against downtime risks. Ensure the provider is willing to prove a successful track record of maintaining client uptime and preventing DDoS threats.
7. Are Your Services One-Size-Fits-All?
Not every organization’s needs are the same when it comes to DDoS prevention services. Some organizations with robust on-site security staff may prefer to actively engage with a client portal to receive security alerts and review historical logs. Other firms may prefer to take a fully outsourced approach to DDoS prevention.
DDoS Prevention Services: A Proactive Approach to Threats
In recent months, businesses worldwide have suffered devastating downtime and massive business losses due to an increasing variety and volume of DDoS attacks. Failing to protect against DDoS threats is a significant risk. For many businesses without protection, suffering a complex and pervasive attack is inevitable.
Investing in DDoS prevention services can provide peace of mind. With best-of-breed technology and expert analysts, organizations can proactively prevent and respond to risks in real time instead of trying to reverse attacks as they occur. With an understanding of how to evaluate providers, organizations can significantly improve their business continuity.
If your business is located in the Washington, D.C. area, Atlantech Online offers DDoS Protection Services (DPS) based on NTT Core. DPS Core is an advanced tier of service for customers that require full DDoS mitigation support. DPS Core is supported by a Network Security Team, the same expert team responsible for keeping the company’s Global IP Network infrastructure safe and secure.