Akamai Diversity

The Akamai Blog

Inside the Mind of a Cybercriminal
The rise of open source malware, IoT-based threats, and criminal services-for-hire is fomenting a new era in cybercrime. While global cybercrime is expanding and cybercriminals are stuffing their bank accounts, individuals and businesses (especially SMBs) are directly impacted. Many worry about the safety and security of their online experiences and what communication service providers (CSPs) are doing to protect them.

Secure (and Simple) SharePoint Remote Access

SharePoint, Microsoft's 16-year-old flagship file storage and collaboration product, is used by over 200 million worldwide users. Likened to a Swiss Army knife, SharePoint performs so many functions that it has become an integral part of most enterprise IT fabrics. Of course, it is not perfect - no product is. And like many incumbent products, there are always new challengers ready to deliver advanced feature and performance capabilities. Google Apps and Slack come to mind, and even claim to be taking away some - albeit modest - market share.

SORP-feature2.png

I'm extremely excited to announce the release of our very first State of Online Retail Performance report. This report is a semi-annual analysis of the intersection of performance metrics from three different perspectives: IT, business, and user experience.

It's always a thrill to release new research into the wild, and I'm extra thrilled about this particular project.

As our first piece of new research to be released under the Akamai umbrella, it's fitting that this project is also the biggest of its kind in the performance industry. We gathered one month's worth of beacon data from leading retail sites, comprised of our customers who have given permission for their data to be anonymized, aggregated and used in this type of research. This study represents a whopping 27.7 billion beacons' worth of user data - which equates to more than 10 billion user visits.

The 'Audience of You' at NAB

It's all about the "audience of you" as Akamai gears up for next week's 2017 NAB Show in Las Vegas. With that phrase, we're talking about helping to deliver the best possible experiences for each and every OTT video viewer. It's not an easy thing to do, but we're demonstrating a host of new products and technology that can help make sure consumers enjoy nothing less than flawless viewing ... anywhere, anytime, on any device.

Among the new products we're showing is Media Acceleration. Just announced in March and available now, Media Acceleration uses technology integrated directly into consumer OTT applications that is designed to enhance the performance of media delivered over the Akamai network and optimize the viewing experience for each individual end user.

Even newer are liveOrigin capabilities that we've added to our Media Services Live solution for live and linear streaming. The system is built from the ground up specifically to support the rigors of 24/7 video delivery and combines critical features such as accelerated ingest, low latency and DVR functionality to help meet the high expectations of today's OTT viewers.

Why moats and castles belong in the past

We are all familiar with the enterprise security approach of treating an organization like a castle, and protecting it with a moat. Moats have been used for perimeter defense since ancient Egypt. While the moat and castle enterprise security approach has worked well in the past it is starting to show its age.

No matter what else she does in her day, Judy Piper is, first and foremost, a people manager. Her role as a senior engineering manager in the Enterprise business unit is all about empowering others, and her curiosity and fearlessness help her succeed. Judy recently answered a few questions about her cool new project, her advice to others and her favorite extreme sport.

Update: Vulnerability found in Apache Struts

Akamai has created two new WAF rules in response to new information about the Apache Struts2 vulnerability.  The first rule, the most recent version of KRS Rule 3000014, is a standard part of the Kona Ruleset and protects against the many common attacks leveraging  this vulnerability.  This rule is designed to allow organizations that have complex environments to continue operating without risk of the WAF rule interfering with their environments. However, this rule was intentionally designed to have as few false positives as possible, and may not capture future attacks against the Struts vulnerability. This rule will provide superior protection to rule 960010 for most customers.   

From an IT management perspective, remote access management can be complex. Deployment, administration, testing and compliance is often multifaceted and time consuming, and security is an on-going concern.

Granted, I have talked with IT professionals who tell me VPNs - being the primary remote access technology deployed by enterprises - are not difficult to deploy and maintain. They tell me VPNs are a 'set it and forget it' technology, and they serve their organizations well because they have just a few remote workers.

Managing risk is a key aspect of any business. This becomes more complicated when additional parties, such as vendors are brought into the mix. One of the strongest pieces of guidance on managing vendors that customers have brought to Akamai comes from the US Office of the Comptroller of the Currency (OCC) Bulletin 2013-29, wherein the OCC recommended that financial institutions strengthen their preparedness around third-party risk management, particularly in the field of cybersecurity. Many other global regulations exist with similar requirements.

DDoS of Past, Present and Future

The pervasiveness of technology has meant automation of tasks, allowing better productivity, with more time to do more. However, the dark side of technology would be that enterprises and individuals alike are vulnerable to cybercrimes, compromise of identities, loss of data and subject to malicious attacks.

In our recent 'State of the Internet / Security Q4 2016 report', we reported that Akamai mitigated 3,826 distributed denial of service (DDoS) attack events on our Prolexic network, a 4% increase in attacks since Q4 2015.