|
Web site defacement is a menace that poses a great threat to organizations and people involved in online businesses. The whole idea behind Web site defacement is to devalue the content of a Web site by posting incorrect information, thereby misinforming the people who visit that particular site. Most hackers deliberately break the security codes of a Web site to prove their point.
Web site hackers manipulate or corrupt the information available on Web sites to give the wrong message to visitors. This can be disastrous for business Web sites. In fact, surveys by Computer Security Institute (CSI) show that more than 30,000 Web sites have been defaced in the last couple of years and the numbers are increasing.
Studies by Malaysian Computer Emergency Response Team (MCERT) confirm that more than 85 percent of the companies that encountered Web site defacement are primarily large corporations and government organizations. The vulnerability of systems and security features indicates that no Web site is immune to Web site defacements. Weak anti-virus programs, which often go unused, position Web sites as targets for hacking.
Another study by MCERT shows that most Web defacements, or hackings, take place on weekends when traffic on commercial and official Web sites is low. Nearly 2,000 new hosts are infected every single minute according to the study.
The damage from Web defacement has been felt globally and has led to huge losses in business revenue. The damage has been done in the form of computer breaches, financial losses, decreased productivity and system downtime. The market image and brand name of various large and small companies has been negatively affected, or even ruined, due to Web site defacement. With defacement being such a threat, there are certain measures that can be taken to prevent revenue losses.
Unauthorized changes in Web content should be discovered and rectified instantly, before things get out of hand. There are two basic ways in which Web site defacement can be rectified: installation of software tools for protection of the Web site and third-party external monitoring services.
If you are conducting your business online, self-monitoring your Web site is both tedious and time-consuming. This is where different external monitoring agencies come into the picture. Internet monitoring services can easily pinpoint problems with your Web site and its performance. Monitoring reveals problems that your customers might be facing, which you might not catch through self-monitoring of the network.
External monitoring services such as simplified monitoring, reporting, notification, escalation and analysis can safeguard your Web site. In addition, external monitoring services can generate reports about the performance of a business' servers from multiple locations spread across the globe.
This multi-location monitoring is based on a remote diagnostic server that regularly analyzes and scrutinizes the network. It can generate alerts and notify you of any performance issues in the network within seconds, thereby minimizing losses you might otherwise suffer. Not only do these services ensure that your Web server is protected, but they can also monitor other servers such as your e-mail, FTP, database servers and other devices.
External monitoring agencies can monitor your Web site from multiple locations around the world, allowing you to choose what you want monitored and how often. They can also provide detailed reports on your Web site visitors' experience in terms of response times, whether your site is one page or a complex Web application.
If you think that your Web site is safe from defacement because your level of operations is small -- you need to think again. There are no failsafe solutions for any Web site, but it is important to have a strategy in place. That way, when a security breach occurs, restorative actions can be taken immediately.
Mr. Mazo is CTO of Dotcom-Monitor (www.dotcom-monitor.com), a Web Site Monitoring Service that ensures the reputation and profitability of e-businesses by bringing together monitoring, reporting, notification, escalation and analysis.
|