Akamai Diversity

The Akamai Blog

November 2013 Archives

Bill Brenner

Bill Brenner

November 27, 2013 6:15 AM

Four Things to Ask Before Seeking FedRAMP Certificat ...

Part 3 in a series. A few months ago I told you about how Akamai achieved FedRAMP certification and how, in our opinion, it was a very big deal. To understand what FedRAMP is and what certification means for Akamai's security program, see the post, "Akamai FedRAMP Compliance is Huge for Security."After you read that, understand this: The path to certification is hard. All compliance efforts are difficult, of course. But

Lorenz Jakober

Lorenz Jakober

November 26, 2013 3:48 PM

Will retail traffic spike at 10M views per minute th ...

0 0 1 125 719 Akamai Technologies Inc. 5 1 843 14.0 Normal 0 false false false EN-US JA X-NONE /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin-top:0in; mso-para-margin-right:0in; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:Calibri; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin;} Well, it's here. We're in the thick of the holiday ecommerce season. Mobile traffic to our retailers' sites is growing steadily

Dave Lewis

Dave Lewis

November 25, 2013 11:28 AM

Oh The Hackers Online Are Frightful

Thanksgiving holiday planning is well underway in the US as is the holiday season that follows. It is gearing up to be a bumper sales cycle this year. This year will not be any different than previous ones in that in addition to great deals there will be bad actors attempting to play the role of good ole St. Nick with nothing but a bag of malicious code for

Tara Bartley

Tara Bartley

November 25, 2013 9:39 AM

So...just how important are Operator CDNs?

Of course WE'RE going to say that Operator CDNs are important, we're Akamai. But what do the operators think? And further to that, what do the consumers think? In IDC's recently released white paper -- Broadband and Pay TV Operators Adopt CDN Strategies to Manage Changes in Consumer Video Behavior -- we find out. This white paper draws on extensive interviews with leading communications service providers in the US as well

Bill Brenner

Bill Brenner

November 25, 2013 9:32 AM

The DNS Security Collection

Welcome to the next step in our effort to make security content more easily available by topic. Today's collection of posts focuses on DNS-related threats and defensive measures. DNS reflection defenseRecently, DDoS attacks have spiked up well past 100 Gbps several times. A common move used by adversaries is the DNS reflection attack, a category of Distributed, Reflected Denial of Service (DRDos) attack. To understand how to defend against it,

Chris Nicholson

Chris Nicholson

November 22, 2013 11:53 AM

The Boston Globe Names Akamai a 'Top Place to Work'

Akamai is one of the best places to work in Massachusetts according to The Boston Globe's "Top Places to Work in 2013" survey. Akamai placed sixth in the "largest employers" category, moving up eight spots from last year, and was listed among the highest-ranking technology companies overall in the state.Employees from our Cambridge, Mass., headquarters were among nearly 76,000 respondents to a survey commissioned by The Boston Globe. To help

Akamai

Akamai

November 22, 2013 11:07 AM

So You Want to Secure Something

I've often heard the following question (or variants thereof): How do I secure [this thing]? Such a question rarely lends itself to a quick answer -- in almost all cases it prompts further questions: secure what, against what, in what cases, from whom? What options are you considering, and how will they help? Akamai InfoSec uses the Principals-Goals-Powers-Controls rubric to ask and answer these questions, and in so doing, help

Pierre Lermant

Pierre Lermant

November 22, 2013 9:53 AM

Part 2: A practical guide to web resource caching

The first part of this series reminded our reader on the best practices for caching and emphasized the need to isolate personal data from any page view content. In this second blog post, we will provide actual caching value recommendations for client browsers and edge servers. We categorize each resource by time sensitivity, list the main observed use cases for each of them, and propose TTL values for the client

Chris Nicholson

Chris Nicholson

November 21, 2013 11:54 AM

Sola Shines at Streaming Media Readers' Choice Award ...

We're honored that Akamai received three 2013 Streaming Media Readers' Choice Awards, which were presented during a ceremony at the Streaming Media West conference in Huntington Beach, Calif., on Wednesday, Nov. 20th. Akamai ranked first in the Content Delivery Network (CDN), Cloud Encoding/Transcoding, and Reporting & Analytics Platform categories.Akamai's Sola Sphere won for CDN. Built upon the Akamai Intelligent Platform of more than 141,000 globally distributed servers, Sola Sphere is

Bill Brenner

Bill Brenner

November 21, 2013 7:07 AM

Making Compliance Docs Public

Part 2 in a series.In my post about compliance and customer service, I briefly touched on one of the goals of Akamai InfoSec -- making as much of our compliance documentation public as possible. I want to spend a little more time talking about that, as it's something I'm increasingly involved with.Also, customer feedback is going to be crucial in determining which documents to tackle first.As I mentioned in the

Bill Brenner

Bill Brenner

November 20, 2013 8:52 AM

Privacy Was in Danger Before 9-11

This week I participated in an online panel put on by the Information Security Buzz website. I got the following question: What 2 things are most likely to change the security industry in the next 2 years? And why? The question immediately made me think of the state of privacy. My full answer is here. As to the privacy issue, I answered: After 9-11, privacy got shafted in the rush

Bill Brenner

Bill Brenner

November 19, 2013 7:09 AM

Security Presentations from Akamai Edge 2013

More than a month has passed since Akamai Edge 2013. Security was a major theme this year, and in this post I want to direct you toward the presentations now available on the Akamai Edge page. For the video presentations, click here. Below are some of the slide decks from those presentations. "Big Data Intelligence," by Or Katz, Principal Security Researcher, and Tsvika Klein, Security Product Manager"Closing the Loop on

Akamai

Akamai

November 18, 2013 3:04 PM

Extreme Image Optimization: WebP & JPEG XR in Aqua I ...

Images are probably the simplest component on a web page today. They don't block the parsing of the HTML and don't get in the way of rendering other components. Generally, they just sit there and look pretty. However, for what they lack in complexity, they compensate in volume. According to the HTTP Archive, images make up 61% of the bytes on the average desktop homepage, and 65% of the bytes

Akamai

Akamai

November 18, 2013 10:45 AM

MPEG-DASH is now industry essential

0 0 1 359 2048 Akamai Technologies Inc. 17 4 2403 14.0 Normal 0 false false false FR JA X-NONE /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin-top:0in; mso-para-margin-right:0in; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:Calibri; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-ansi-language:FR;} While NAB 2012 was approaching, Will Law was pushing forward MPEG-DASH on this blog as "a single [video] format that

Bill Brenner

Bill Brenner

November 18, 2013 3:24 AM

How Akamai InfoSec Answers Customer Compliance Quest ...

Part 1 in a series. For more information, see "Everything You Want To Know About Akamai Security & Compliance."The process to address customer security and compliance questions used to be somewhat chaotic. Questions would float around in random emails and elsewhere, and which ones got answered was a luck of the draw. We found this unacceptable, and did something about it.In an interview last week, Akamai InfoSec Program Manager Meg

Amanda Fakhreddine

Amanda Fakhreddine

November 15, 2013 1:50 PM

Tweets of the Week: 11/11 - 11/15

[<a href="//storify.com/Akamai/tweets-of-the-week-11-11-11-15" target="_blank">View the story "Tweets of the Week: 11/11 - 11/15" on Storify</a>]

Bill Brenner

Bill Brenner

November 15, 2013 5:44 AM

Everything You Want To Know About Akamai Security & ...

Starting next week, I'm beginning a series on Akamai InfoSec compliance efforts. It's an extensive effort to be sure, and customers probably ask us more about it than anything else. The first post will be about our process for getting customers the answers they need. From there, I will delve into the following (in no particular order): Akamai InfoSec and the challenges of ISO 27002 How ISO compliance shaped Akamai security

Pierre Lermant

Pierre Lermant

November 14, 2013 8:47 AM

A practical guide to web resource caching, part 1

Web resource caching provides the dual benefit of reducing load on the origin infrastructure while accelerating the content delivered to the clients. Yet, because of business and technical requirements, it is often difficult to select the best caching rules for the client browser and the Akamai edge servers. In this 2-part blog I will review industry's best practices and offer recommendations for common use cases. Part 1 will walk

Bill Brenner

Bill Brenner

November 14, 2013 5:37 AM

Video: Security and Compliance 101

Chief Security Officer Andy Ellis gives a brief overview of security and compliance and what they mean to Akamai. Andy's overview includes common terms along with definitions and an overview of common standards and their components.

Margaret Kuchler

Margaret Kuchler

November 13, 2013 12:54 PM

The online holiday shopping season: A look back at 2 ...

0 0 1 508 2898 Akamai Technologies Inc. 24 6 3400 14.0 Normal 0 false false false EN-US JA X-NONE /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin-top:0in; mso-para-margin-right:0in; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:Calibri; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin;} The holiday season is upon us once again! Stores are filling with holiday gifts and gadgets and our emails will soon

Bill Brenner

Bill Brenner

November 13, 2013 5:28 AM

Microsoft's November Patch Load

Yesterday was the second Tuesday of the month, which those of us in security know as Patch Tuesday -- the day Microsoft unloads its security updates. It's an important calendar item for Akamai customers, given how dominant Windows machines are in many companies. What follows is the full November 2013 update. Please review, see which are most important in your network, and deploy. Bulletin IDBulletin Title and Executive SummaryMaximum Severity

Bill Brenner

Bill Brenner

November 12, 2013 5:43 AM

Akamai Security Videos, Part 2

Last week, I began making compilations of Akamai InfoSec's multimedia content. This post is the final roundup of videos we've released thus far.For the compilation of Akamai security podcasts, go here. For the first installment of videos, go here.Now for more videos: Major Areas of Technology within Security In this Akamai InfoSec video tutorial, Security Intelligence Director Joshua Corman gives an overview of major areas of technology within security.

Bill Brenner

Bill Brenner

November 11, 2013 9:31 AM

Akamai.com Security Section Takes Shape

A few weeks ago I wrote about our efforts to develop a section for the Akamai website that's all security, all the time. Here's an update.First, a summary: This section will allow InfoSec practitioners to access all our security content in one place. There will be easier access to the security blog posts, podcasts and videos we already produce daily as well as such new content as slideshows, infographics, research papers

Tara Bartley

Tara Bartley

November 11, 2013 5:05 AM

Türk Telekom and Akamai Team Up

0 0 1 487 2781 Akamai Technologies Inc. 23 6 3262 14.0 Normal 0 false false false EN-US JA X-NONE /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Times New Roman";} Today is another exciting day for Akamai and our Aura Network Solutions team with the announcement of our strategic partnership with Türk Telekom.  We have teamed

Martin McKeay

Martin McKeay

November 8, 2013 1:28 PM

Looking forward to Forward Secrecy

Akamai is constantly looking for ways to improve the security of our platform and protect our clients' traffic. We're currently looking into an encryption mechanism called Perfect Forward Secrecy, or simply Forward Secrecy. We prefer to use the term "Forward Secrecy" because nothing in security is perfect and we'd rather not imply that it could be. Akamai plans to include Forward Secrecy as a capability our customers can start using

Bill Brenner

Bill Brenner

November 8, 2013 5:25 AM

Akamai Security Videos, Part 1

Several readers have asked me where they can find all our podcasts and videos. Our soon-to-be-released security microsite will make everything easy to find. But for now, we're creating a series of round-ups. Yesterday we published the first six podcast episodes. Further down the road, we'll have a round-up of our security webinars. What follows is the first compilation of videos. What's a Zero-Day Vulnerability? Akamai Chief Security Officer Andy Ellis gives

Lorenz Jakober

Lorenz Jakober

November 7, 2013 1:02 PM

Mastering Multi-Channel Madness

0 0 1 33 190 Akamai Technologies Inc. 1 1 222 14.0 Normal 0 false false false EN-US JA X-NONE /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:12.0pt; font-family:Cambria; mso-ascii-font-family:Cambria; mso-ascii-theme-font:minor-latin; mso-hansi-font-family:Cambria; mso-hansi-theme-font:minor-latin;} Note: This is the final blog post to our "Crush the Rush" holiday readiness webinar series. Last week I teamed up with Steve Tack,

Akamai

Akamai

November 6, 2013 6:13 AM

Podcast: Akamai CSIRT Director Michael Smith, Part 2

In Episode 6 of the Akamai Security Podcast, I continue my discussion with CSIRT Director Michael Smith. In this installment, Mike describes the process by which CSIRT delivers daily threat intelligence to our customers, along with the defensive measures needed to block attacks.--Listen to the podcast HEREBio: Michael Smith is a senior security manager with more than 20 years of experience in the IT security and intelligence fields performing security design and engineering,

Bill Brenner

Bill Brenner

November 5, 2013 6:39 AM

Webinar: Preparing Your Web Security Strategy

For the third and final episode of our webinar series on Web security for small and medium businesses, Security Ledger Editor-in-Chief Paul Roberts joins me for a discussion on holiday-themed threats and strategies SMBs can adopt to fight back.

Bill Brenner

Bill Brenner

November 4, 2013 1:32 PM

Webinar: Threats and Defenses for Smaller Businesses

Steve Ragan, a former hacker and current staff writer for CSOonline.com, joins me in part two of our series on Web security for small and medium businesses. The focus of this episode is on hacking techniques, attacks and defenses.

Andy Ellis

Andy Ellis

November 1, 2013 9:08 AM

Whither HSMs

Hardware Security Modules (HSMs) are physical devices attached or embedded in another computer to handle various cryptographic functions. HSMs are supposed to provide both physical and logical protection of the cryptographic material stored on the HSM while handling cryptographic functions for the computer to which they are attached. As websites move to the cloud, are HSMs the right way to achieve our goals? Before we talk about goals, it is

Bill Brenner

Bill Brenner

November 1, 2013 4:34 AM

Twitter Chat: Protecting Critical Infrastructure

Yesterday, Akamai InfoSec participated in a second Twitter forum as part of National Cyber Security Awareness Month. Participants supplied a ton of great resources, which I think is worth sharing here. See last week's Twitter chat about cybercrime defenseWhat follows are some of the tweets from the conversation. If you want to better understand the threats to critical infrastructure and what's being done about it, you'll find what follows useful.14hbaber @baberI was on