IN-DEPTH 10 March 2016
DDoS is too important to ignore
Nexusguard vice president Xenophon Giannis offers a four-step plan for DDoS mitigation
By Xenophon Giannis
When people think of cybersecurity, they don’t tend to think about i-gaming. Data breaches suffered by leading retailers, health insurance companies and others get most of the attention, but since the early 2000s competitive warfare amongst the large online casino operators helped birth the cloud distributed denial of service (DDoS) mitigation industry. DDoS attacks have become one of the more significant threats, and the possibilities of extended downtime and stolen customer data are too much for anyone involved in online i-gaming to ignore.
Here’s a four-step plan to making DDoS protection work in gaming, no matter which kind of company you are:
Consult an expert to develop a solution
If you don’t have a cybersecurity expert on your team, it’s important to consult with one. Different kinds of environments require different methods and levels of protection. Cloud-only infrastructures vary from hybrid architectures. For example, if your company is 100% cloud run, you may not need origin protection. Application protection is usually sufficient for cloud-centric sites of any kind. Moreover, a security expert can help you identify where you’re vulnerable and how to plug the holes. The unfortunate reality is that it’s increasingly difficult to eliminate DDoS threats entirely. You need to know what amount of downtime you can manage and when it’s feasible. Gathering all of this information and working with a security specialist will help determine the solution you need.
Choose your protection
Non-stop service and on-demand service are both viable options for different kinds of companies. I-gaming applications and platforms need to be available at all times. It’s worth it to pay for DDoS protection that comes with 24/7 monitoring and threat protection to stem the flow of an attack before it overwhelms systems. Beyond that, hardware-enforced security is an option for some, too. Going with the hardware option can help, but it may also require some cloud complement to it. This is especially true for companies that may want to stay online despite huge attack spikes, but whose hardware supports loads that fall within typical levels day to day. After you put the system in place, you need to continue an active role with your DDoS protection provider. What are you supposed to do and which representatives will you contact when an attack takes place?
Analyse and test
This is one of the most significant aspects of any IT procedure. When you put a plan in place, you need to test it and ensure it evolves as your technology and company change. You may not notice vulnerabilities until your infrastructure is tested to the max. By putting each level of protection through its paces, including your software, hardware and human resources, you can identify bottlenecks that could have ripple effects on other systems or customer access. Each stakeholder needs input into the DDoS protection plan, so your team can learn of issues that may arise in the event of an attack.
Know your provider and path to escalation
Sometimes, companies will enlist more than one DDoS provider as part of their emergency protection plan. The providers need to know this, so they don’t end up mitigating each other’s work. DDoS protection works by moving the influx of traffic around to different Internet service providers (ISPs). When they don’t know multiple providers are working on an attack, they can risk offsetting the protection they provide. Instances of over-provisioning have led to providers not responding to attacks, thinking others would sort it out. Anyone with a hand in cybersecurity of your site needs to know about the network’s history and which other companies are involved.
In other industries more accustomed to concerns about data breaches and security problems, the paradigm has shifted from thinking of 'if' an attack occurs to 'when'. Companies involved in online gaming need to start thinking the same way.
Xenophon Giannis is the vice president at Nexusguard. With extensive experience in cybersecurity, data centre IT and cloud computing, Giannis has a successful track record creating and leading organisations, driving regional B2B sales efforts, and scoring key accounts and strategic partnerships with leading companies.