Akamai Diversity

The Akamai Blog

Why moats and castles belong in the past

We are all familiar with the enterprise security approach of treating an organization like a castle and protecting it with a moat. Moats have been used for perimeter defense since ancient Egypt. While the moat and castle enterprise security approach has worked well in the past, it is starting to show its age.

No matter what else she does in her day, Judy Piper is, first and foremost, a people manager. Her role as a senior engineering manager in the Enterprise business unit is all about empowering others, and her curiosity and fearlessness help her succeed. Judy recently answered a few questions about her cool new project, her advice to others and her favorite extreme sport.

Update: Vulnerability found in Apache Struts

Akamai has created two new WAF rules in response to new information about the Apache Struts2 vulnerability. The first rule, the most recent version of KRS Rule 3000014, is a standard part of the Kona Ruleset and protects against the many common attacks leveraging this vulnerability. This rule is designed to allow organizations that have complex environments to continue operating without risk of the WAF rule interfering with their environments. However, this rule was intentionally designed to have as few false positives as possible, and may not capture future attacks against the Struts vulnerability. This rule will provide superior protection to rule 960010 for most customers.

From an IT management perspective, remote access management can be complex. Deployment, administration, testing and compliance are often multifaceted and time consuming, and security is an ongoing concern.

Granted, I have talked with IT professionals who tell me VPNs - being the primary remote access technology deployed by enterprises - are not difficult to deploy and maintain. They tell me VPNs are a 'set it and forget it' technology, and they serve their organizations well because they have just a few remote workers.

Managing risk is a key aspect of any business. This becomes more complicated when additional parties, such as vendors, are brought into the mix. One of the strongest pieces of guidance on managing vendors that customers have brought to Akamai comes from the US Office of the Comptroller of the Currency (OCC) Bulletin 2013-29, wherein the OCC recommended that financial institutions strengthen their preparedness around third-party risk management, particularly in the field of cybersecurity. Many other global regulations exist with similar requirements.

DDoS of Past, Present and Future

The pervasiveness of technology has meant automation of tasks, allowing better productivity, with more time to do more. However, the dark side of technology is that enterprises and individuals alike are vulnerable to cybercrime, compromise of identities, loss of data and malicious attacks.

In our recent 'State of the Internet / Security Q4 2016 report', we reported that Akamai mitigated 3,826 distributed denial of service (DDoS) attack events on our Prolexic network, a 4% increase in attacks since Q4 2015.

Reaching toward universal TLS SNI

The past few years have seen a dramatic increase in client support for TLS SNI (a technology standard that makes HTTPS much more scalable). While early 2014 saw fewer than 85% of HTTPS requests being sent by clients supporting TLS SNI, many Akamai customers today now see client TLS SNI usage exceeding 99%. This shift means that deploying SNI-only Web sites is now increasingly viable, with 31% of the Alexa top-100k hostnames with valid certificates for HTTPS only presenting those certificates when TLS SNI is sent by clients.

HTTP/2 Server Push: The What, How and Why

What is HTTP/2 Server Push? How does it work? Why is it valuable? If you are looking for the answers to these questions, you've come to the right place.

Online audiences are growing and so are their expectations for the quality of experience. You know exactly what I mean if you've ever been frustrated with the rate at which a game is downloading or if your video stalls at the most inopportune time.

Online streaming is no longer novel; it's the norm. The days of being enamored by streaming your favorite TV show online are over. Viewers now expect instant access to uninterrupted video streams on whichever device they're using, anywhere they might be, at any time of day or night. The same goes for online gaming, where mobile downloads and updates are expected to complete in just a matter of seconds and large software files are expected to download faster than ever.

Nine Years of Better Broadband

One of the questions I am frequently asked about the State of the Internet is how things are changing - what are the trends we see in the data? As we've just closed out the ninth year of publication of the Connectivity report, I thought that it would be a good time to take a look back and see just how much better things have gotten since the initial report, which covered the first quarter of 2008.

The graphs below cover the key connection speeds and broadband adoption metrics currently covered within the report, along with a look at connections under 256 kbps - some folks out there are still stuck on dial-up quality connections. For ease of review, we've aggregated the data at a continental level - obviously, that means that the changes seen in a specific country will be lost in the averaging. For more granular insight, similar country-level trending graphs can be built and exported (as can the underlying data) using the State of the Internet graph visualization tool. (And you can always contact us at stateoftheinternet@akamai.com with questions as well.)