Page 7 - Campus Technology, May/June 2018
P. 7

2017, for example, Akamai successfully defended against a 1.3 terabit-per-second peak distributed denial of service (DDoS) attack—the largest DDoS outbreak ever recorded— that struck GitHub.
There has recently been considerable growth in DDoS attacks. Armed with massive armies of botnets (or, in the case of GitHub, memcached servers), hackers use DDoS amplification attacks to quickly render IT systems inoperable. And they’re extremely difficult to defend against.
To counter this growing threat, IT leaders have several options, says Cholan. They can procure and adopt on-premises hardware appliances for security, license cloud security services, or to run a combination. Regardless of the tactic, cloud security services must address Zero Trust concerns at three levels:
Scale: Cloud security providers are focused on investing in infrastructure and building out for scale. “We want to be three or four steps ahead of these large attacks, so we can effectively protect our customers. We have a lot of capacity to absorb these large attacks,” he says. “Even large universities don’t have that amount of bandwidth.”
Intelligence: While an institutional IT security manager has visibility into the data on his or her own network, a
As a number of experiments and actual breaches have proven, the firmware embedded on IoT devices is highly vulnerable to hacking. —Ram Cholan, solutions engineer,
Akamai Technologies
cloud provider carries a vast amount of daily traffic, says Cholan. “Our team analyzes trillions of queries and petabytes of data every day to detect anomalous activities and malicious attacks. Having access to such a massive amount of data shines the light on many cyber threats that others don’t see, and we use this intelligence to effectively protect our customers.”
Security expertise: Hiring seasoned security experts is extremely difficult and expensive. Hiring, training, and retaining these employees is a challenge for most organizations. “When you go to a cloud provider, we have a large team of security experts whose knowledge will help to improve the client’s security posture,” he says.
Few schools are interested in the rip-and-replace scenario. It’s more likely they’ll want to augment existing firewalls, anti-virus, and anti-malware protection. That’s where the security hybrid approach fits, by adding additional layers where they’re needed, Cholan says. For example, Akamai’s Enterprise Threat Protector is a cloud based recursive DNS solution that adds protection against targeted threats such as malware, ransomware, phishing, and command and control. Akamai’s cloud-based Fast DNS service—backed up by fast-moving mitigation services delivered by Akamai’s Prolexic Solutions—is what helped GitHub counter that DDoS attack.
In this zero-trust world, any organization or institution must, “think beyond traditional on-premises security appliances and to consider cloud-based security- as-a-service offerings,” he says. “The current threat landscape requires a revolutionary—not evolutionary— approach to security.”
For more information, please visit The Zero Trust Security Model.

   5   6   7   8   9