June 11, 2021 (Investorideas.com Newswire) The UK Government, alongside the Financial Times, the Guardian, and New York Times, Verge, Reddit and Twitter, to name a few, recently had issues with their websites following a problem that stemmed from their cloud computing provider, Fastly.
Fastly is an Edge Cloud provider. This means that their aim is to speed up the loading times of their clients’ websites, and to protect these websites from denial-of-service attacks, especially during peak times when attacks are higher. However, for an hour at 11:00BST on Tuesday 8th of June, the company had issues with its global content delivery network, causing major issues to the websites it supports.
What this really highlights is the blind trust that organisations place in cloud service providers. This brings into question the inherited resiliency risk that you acquire from cloud service providers. If there is a critical dependency, be sure that there is a Plan B, in case of failure or cyber incident. Where possible protect yourself contractually with SLA’s and assurances from your service provider on their resiliency and DR procedures.
So far, this specific issue seems to have only impacted sites across Europe and the US. Fastly report that they have investigated the issue to restore impacted websites and to fix the original issue; “we have identified a service configuration that triggered disruption across our POPs (points of presence) globally and have disabled that configuration. Our global network is coming back online.”
What is clear, however, is that when so much infrastructure is put on a single source, on a single CDN or Cloud hosting company, when this source buckles, the disruption it causes is vast.
‘Liability for loss of service will probably be covered by the service level agreement with customers of paid-for cloud services but the agreements will typically not cover all losses sustained’ – Prof Rebecca Parry of Nottingham Law School.
‘They were lucky that this was a configuration error, and not a malicious attack. To reduce disruption, a Service Level Agreement (SLA) needs to meet the organisations requirements. This means that there needs to be a back-up plan to repoint services. There needs to be assurance regarding security controls. That way, organisations will know what data is cached, for the performance of their services.’ – Chris Cheyne, CTO, SecurityHQ
For more information, learn about Managed Detection and Response here, to know exactly what is happening on your network, to detect issues and respond to them in rapid time.
SecurityHQ prides itself on its global reputation as an advanced Managed Security Service Provider, delivering superior engineering-led solutions to clients around the world. By combining dedicated security experts, cutting-edge technology and processes, clients receive an enterprise grade experience that ensures that all IT virtual assets, cloud, and traditional infrastructures, are protected.
Authors: Eleanor Barlow, Content Manager, SecurityHQ
For media enquiries please contact Eleanor Barlow, +44-(0)20-332-706-99, firstname.lastname@example.org
This news is published on the Investorideas.com Newswire – a global digital news source for investors and business leaders
Disclaimer/Disclosure: Investorideas.com is a digital publisher of third party sourced news, articles and equity research as well as creates original content, including video, interviews and articles. Original content created by investorideas is protected by copyright laws other than syndication rights. Our site does not make recommendations for purchases or sale of stocks, services or products. Nothing on our sites should be construed as an offer or solicitation to buy or sell products or securities. All investing involves risk and possible losses. This site is currently compensated for news publication and distribution, social media and marketing, content creation and more. Disclosure is posted for each compensated news release, content published /created if required but otherwise the news was not compensated for and was published for the sole interest of our readers and followers. Contact management and IR of each company directly regarding specific questions.
More disclaimer info: https://www.investorideas.com/About/Disclaimer.asp Learn more about publishing your news release and our other news services on the Investorideas.com newswire https://www.investorideas.com/News-Upload/ and tickertagstocknews.com