Canadian Web Hosting Blog and News
19Dec/140

Canadian Web Hosting offers Intrusion Detection and Protection through their TippingPoint Intrusion System

As a hosting company, one of our biggest and most serious threats is an unauthorized access into our networks. These threats are caused by intruders and viruses – the two most serious issues in our industry.

  1. Intruders who do not have authorized access to a system will probably need to penetrate a system and gather information on a user to access data, programs, and resources. Intruders may also attempt to launch an attack after compromising a system.
  2. Intrusions can vary in severity. Some examples of intrusions include: gaining email access of former employees, guessing/cracking passwords, installing and making use of remote administrative tools, etc.
  3. An Intrusion Detection System (IDS) is a device or application that is used to monitor in/outbound activity to identify suspicious activity. It is an intelligent system looks for a network or system attack to prevent someone from attempting to compromise a system. The IDS is deployed physically as a layer in a network and monitors unauthorized activity in its environment. The IDS assumes that a threat would behave differently than regular activity and that these activities can be quantified.

A secure system should:

    • Stop Threats and improve performance
    • Industry proven, proactive network security
    • Protects your website and revenue generating activities from malicious threats
    • Lowers your bandwidth usage and prevents network abuse
    • Prevents data loss and helps ensure corporate governance and security compliance

To counter intruders and intrusions, Canadian Web Hosting employs an Intrusion Detection System (IDS) and an Intrusion Protection System (IPS) called the TippingPoint Intrusion System.

Every web hosting plan and server on Canadian Web Hosting is protected by our TippingPoint Intrusion System. Our clients can immediately receive alerts when a critical threat is identified to possibly impact a system’s security infrastructure.

 

tippingpoint

 

 

 

 

 

 

 

 

 

How it works:

The TippingPoint IPS is an in-line device that is inserted seamlessly and transparently into the network. As packets pass through the IPS, they are fully inspected to determine whether they are legitimate or malicious. This instantaneous form of protection is the most effective means of preventing attacks from ever reaching their targets.

The TippingPoint Intrusion Prevention System is a data-packet inspection system that looks at information packets sent through the Internet before they reach a company's network. The core component of the system is TippingPoint's Threat Suppression Engine (TSE) based on specialized hardware designed by the company. Using parallel processing, the TSE can apply thousands of checks to data packets in an average time of less than 215 microseconds.

The TippingPoint Intrusion Prevention System can be effective against a wide range of potential cyber-attacks including so-called "denial of service" attacks. Denial of service means that attackers attempt to shut down a website by overloading it with a huge traffic spike over a very brief time period. The system can also be used to enhance overall website performance by allowing users to prioritize among applications so that the most important are always kept up and running. The system also includes regular virus blocking updates.

TippingPoint's Intrusion Prevention Systems provide Application Protection, Performance Protection and Infrastructure Protection at gigabit speeds through total packet inspection. Application Protection capabilities provide fast, accurate, reliable protection from internal and external cyber-attacks.

An integral part of the TippingPoint solution is the Digital Vaccine® Service that delivers new filters on a weekly or even daily basis to maintain evergreen protection for the latest vulnerabilities, exploits, viruses and rogue applications.

A data sheet for the TippingPoint Intrusion Prevention System can be found here.

Sheila W.
@CAWebHosting
@CWHUpdates

5Dec/140

Simplifying cloud storage services

Cloud/CanadianWeb Hosting

With so many cloud storage options on the market, the services we use often overlap. It’s not uncommon to have an account on Dropbox, Google Drive, Microsoft OneDrive and Amazon Cloud Drive, and then be registered for some backup services like Backblaze or Mozy. Others rotate between storing their photos on Flickr or SmugMug. But how do we choose the right service to store our data? Or a better question – what services do we actually need?

Some of the services mentioned above are free to use, but often with limited data. Some are inexpensive for a lot of storage, but the cost of multiple accounts add up to expensive storage. Many of us also sync these services on our device – this could be a mobile phone or laptop. We do this to save time and to have all the files accessible from anywhere, but it also slows down our devices and wastes bandwidth.

Why don’t most of us stick with one storage option then? The issue is that all these services are each unique but not a single one solves all our storage needs.

For example, using Dropbox means Google Docs can’t open files stored there. If we store on Google Drive, then iOS apps that only support iCloud won’t be able to access those files. We know that services within its own brand work well together, such as Apple, Microsoft, or Google, but often are not compatible with their competitors. One exception is Microsoft making Dropbox accessible in Office for iOS (bonus points). Another problem is the variation in privacy and security between cloud storage services. They are also developed differently (e.g. how it saves older versions of files) and use different APIs for integrating third-party products.

To solve this, we can follow these tips:

  1. Maximize compatibility – sign up for the cloud storage option that is most widely supported by apps. This would probably be a service like Dropbox, which is supported by iOS, Android and Linux platforms.
  2. Minimize redundancy – by minimizing the amount of services we use, cloud storage becomes simpler. Stick with a few that cover different requirements.
  3. Understand the difference between cloud storage and cloud backup – cloud services that are for “storage” are usually better at syncing files across devices. These services copy your files to servers and allow retrieval from your difference devices. Cloud “backup” services are better at data restoration and encryption.
  4. Keep the clouds separate – keep your files stored on one cloud service only to avoid confusion about where things are. Syncing clouds can be a waste of effort and money. Only use aggregator services when necessary (when you really have no idea where things are or is just starting to get organized).

Sheila W.
@CAWebHosting
@CWHUpdates

27Nov/140

New PCI data security standard in effect Jan. 1, 2015

Many organizations have been preparing for January 1st, 2015, when version 3.0 of Payment Card Industry’s data security standard (PCI DSS) will come into effect.


 PCI guidelines are very important for small and medium businesses and organizations that process credit and debit cards (whether directly or indirectly).

However, meeting the data security standard doesn't necessarily mean an organization meets and maintains compliance. Businesses should stay on top by preventing intrusions with the following PCI best practices:

1. Maintain compliance for security: Businesses want to look good, which means that they often forget the purpose of meeting PCI DSS compliance is to maintain security of card-holder information and not just to achieve a favourable Report on Compliance (ROC).

2. Have a compliance manager: A designated person or team should have the resources and authority to manage security within a business. This might mean engaging with certain personnel and continuous collection of evidence that shows compliance and effectiveness of PCI DSS.

3. Make security a part of the company's culture: Fulfilling PCI DSS compliance is often not enough to secure all risks. Make a habit of protecting an organization's data and infrastructure and implement risk assessment processes, especially during big changes to the IT environment.

4. Monitor security controls and measure success:  Have a consistent and continuous documentation of the status of security controls, including the implementation and effectiveness of it. Automated control monitoring tools may be helpful and aim to develop metrics used analyze success and effectiveness of your security. Measure implementation (how many systems have password security), effectiveness (how many vulnerabilities have been patched) and impact (how much return is there for your security efforts).

5. Be prepared: Organizations need to be able to respond immediately following security control failures. Have steps set up to restore operations to normal as soon as possible, and then identify the cause of the failure. Then follow up with better security and higher monitoring frequency. When business objectives change or if a key IT security personnel leaves your organization, have change-management practices prepared and analyze associated risk.

6. Commit to security: Maintaining compliance is critical for organizations, but it also means businesses and their executives need to co-ordinate efforts in sustaining that compliance. Allocate enough resources to be successful in building an ongoing PCI DSS program.

Graphic from NAC

Sheila W.
@CAWebHosting
@CWHUpdates

17Nov/140

CWH attends Startup Week Vancouver!

Startup Week is back in Vancouver, with featured events including Devlops Day, Insights on Innovation, Techvibes Tech Fest Jobfair, Fireside Chat with Dan Martell (founder of Clarity), Vancouver Impact, and much more. (View the full schedule here.)


Startup Week Vancouver

 We’re excited to be attending these events that feature workshops to help startups and tech businesses. Canadian Web Hosting is a big supporter of new businesses and host for many small to big ones, many of which have been with us from the beginning of their ventures.

With Canadian Web Hosting, startups can rely on experts for guidance and tech support so that you can focus on building your new product and growing business.

For more information about Canadian Web Hosting, visit us at www.canadianwebhosting.com or email sales@canadianwebhosting.com.

29Oct/140

Canadian Web Hosting sponsors the Society for Kids at Tennis (KATS)

Canadian Web Hosting is proud to announce their second year sponsorship of the Society for Kids at Tennis (KATS).

Founder and General Manager of KATS Sy Silverberg, is a retired physician. At age 72, he and his wife Catarina wanted to give back to their community and so they started their own non-profit society to provide children in poor financial circumstances with an opportunity to play tennis for free.

Board of Tennis BC presents Sy Silverberg with 2014 "Excellence Award"/KATS

Sy wanted to help these children foster physical, emotional, and social well-being. He believed in setting kids up for success so that they can develop a sense of self-worth and self-esteem. Physical activity would also provide significant benefits in a society where childhood obesity is climbing at an alarming rate.

Besides free equipment and instruction, KATS employs the Tennis Canada “progressive tennis” approach. KATS uses age-appropriate racquets, courts, and balls because adult-intended equipment can be overwhelming and frustrating for younger people to use. Sy believes that this will help build their confidence, especially for those who are not “natural athletes”.

Through their partnership with local community centres and inter-cultural centres, KATS has instructed 112 kids and conducted 97 hours of lessons in their first spring and summer of operation. Sy plans to work with six lowest-income schools in the near future and anticipate that close to a 1000 kids will sign up with KATS next spring.

For more information on Society for Kids at Tennis, visit them at kidsattennis.ca.

Canadian Web Hosting is a leading managed hosting company that specializes in hosting business and enterprise-class clients. One of only a few SAS70 Type II and CICA 5970 certified service providers in Canada, Canadian Web Hosting delivers a secure and scalable service delivery for a diverse range of companies throughout Canada.

For more information, please visit us at www.canadianwebhosting.com or email us at sales@canadianwebhosting.com

Sheila W.
@CAWebHosting
@CWHUpdates