Along with performance and stability, security is a key goal of ours. ZeroLag’s technical staff has of course been selected due to their technical background, but it is still notable that each member has professional experience working exclusively as a information security specialist. Our security-minded staff has created several security policies that will directly benefit you as our customer.
There are several important factors in maintaining good security, and we place emphasis on all of them. Our methods include three core layers of protection for your server: regular software updates, firewall protection, and intrusion detection systems (IDS). These three layers have protected our servers from every attempted break-in to date.
The fact that none of our systems have ever been compromised is something that we are very proud of.
Firstly, all of our engineers are subscribed to Bugtraq, CERT, and vendor-supplied security bulletins. We take interest in keeping up-to-date with the software flaws released, and pride ourselves in extremely quick upgrades in the event of a discovered flaw. We also notify our customers who may be running affected software on servers we don’t control about these flaws so that they may upgrade and avoid any system compromise. Running outdated software is by far the number one cause of a break-in, and by upgrading our software continuously, we have avoided break-ins on our systems.
We have implemented extensive logging features on our Cisco firewalls that are under constant review by our staff for any signs of suspicious network activity. These same firewalls are used to create a defaultly secure network – that is, we do not allow access to your servers except in the ways you specify you want to access it. This eliminates the possibility that an attacker will be able to connect to your server in ways he’s not supposed to.
All of our servers feature intelligent Intrusion Detection Systems (IDS) which are aware of any filesystem change and report to us immediately when a change takes place. This means that in the unlikely event of a break-in, we will be able to lock-out the attacker before any damage is done. We have performed penetration testing (where we break into one of our own servers) and have found our IDS systems to be very effective in alerting the staff to unusual activity.
As you can imagine, a break-in can have a seriously negative impact on a company. The aftermath is usually expensive (hardware is often intentionally damaged by an attacker), frustrating (amongst other things, the website is usually down for a period of time), and damaging (attackers often replace hacked webpages with a different, offensive webpage that will upset your customers). ZeroLag is a company based on professional security techniques, and we believe that we can protect your company from the many dangers of the Internet.