Amanda is an IT manager with 21 employees on her retail company’s team. She has faced some of the most difficult issues related to technology including internal hackers, data theft, and API mismanagement.
When she arrived at work today, she noticed that some of her company’s websites and applications were running extremely slowly or were completely unavailable. Her call center is on red with frustrated customers. Her dashboards indicate a confusing problem.
What just happened? A DDoS (Distributed Denial of Service) attack has hit her system, causing downtime to multiple websites. Traffic is being deflected, routers are passing traffic, and while the database is up, the web server is unresponsive.
Multiple people within the company are hurrying to place calls to the ISP and application vendors looking for answers. Senior management demands answers as to why operations have been halted.
Amanda is up against a difficult situation. Panic is often the response when a DDoS attack hits. In the face of malicious actors and multiple forms of attacks, her IT teams now must work overtime to triage the unfolding situation.
A DDoS protection plan is critical, especially with so many cyber-crime incidents and the numerous threats that are made. While the impact of a DDoS attack is easy to notice, the DDoS attack landscape has changed. IT teams must work hard to ensure the security of websites before an attack, not after the fact.
Amanda now must fix this current issue and implement a plan for DDoS protection. After the panic dies down, she does her research to discover 8 of the best practices for building and maintaining a DDoS Protection Plan:
1. Anticipate the single points of failure. DDoS attackers can target any point of failure, including the domain name system, the origin server, and data center and network infrastructure.
2. Verify your ISP’s capability to provide DDoS protection. Your ISP could be your single point of failure.
3. Don’t overestimate your infrastructure. Your current edge network infrastructure might work well with normal usage, but could fail during a DDoS attack.
4. Identify what you need to protect and the business impact of its loss. Determine what internet-facing assets you must protect and the costs and impact that would be incurred.
5. Identify acceptable time to mitigation. Make sure you know how to activate your DDoS protection service.
6. Deploy a DDoS protection service before you need it. Avoid the chaos: choose the best solution, know who to call and what to do, and test and optimize.
7. Develop a DDoS response runbook. A runbook will allow your organization to experience a controlled and streamlined response environment when an attack is on the horizon.
8. Tabletop your DDoS runbook to ensure operational readiness. Test. Test. Test. Test in a simulated environment. This is one of the best ways to ensure operational readiness.
With these 8 steps in mind, Amanda is ready to go back to her team with a strategy for ensuring her IT team is prepared to face a DDoS attack.
The best way to avoid DDoS downtime is to implement a DDoS protection plan before your organization is targeted.