Hosting: a balance between security and service

The news that Host Europe Group (HEG) has been acquired by US rival GoDaddy puts the spotlight on the hosting industry in what, for many, has been a challenging year. Serious issues around hosting provider security, reliability and quality of service have repeatedly made the headlines, reminding us of how fundamentally important hosts are to the ability of connected businesses to operate. 

Yet, for many, choosing a hosting provider has become a commodity purchase – it’s quick, easy and often very cheap. Providers can seem very similar to one another, and to an extent, consumers need to become more savvy in their decision making to balance price against performance and security. But, eliminating the issues faced by users this year falls largely at the feet of the providers. So where should web hosts be focusing their attention and investment in the year ahead in order to deliver the security and reliability customers are looking for? 

Minimising disastrous downtime

Web hosts are as vulnerable to security breaches as any other type of organisation, but the consequences for their customer base can be far more dire than for most. In the case of DDoS attacks, the typical response from a host is to reconfigure their network via a separate route to the main traffic or eventually blacklist the affected IP. But this takes time (at least 30mins) and the entire network can be affected for the duration. With this approach, the server or person being attacked could be down indefinitely as the provider can be reluctant to make the servers live again when the attack subsides. 

Hosting providers need an automatic response when unusual traffic volumes are detected to divert the affected network via a dedicated DDoS scrubbing facility. This allows the provider to begin recovering instantly, meaning only the attacked network will be affected, and usually for only a couple of minutes whilst the systems analyse and adjust the respective traffic filters. 

As for the consequences, the knock-on effect of DDoS attacks on hosts is difficult to measure, but in broad terms the impact can be disastrous.A recent survey from the U.S. National Cyber Security Alliance found that 60 per cent of small companies that are hit buy cyber attacks have to close down within six months because they cannot afford to rebuild. 

Hosting providers need to enhance their role as the first line of defence against attacks. Providing a solution that prioritises security without sacrificing performance must be the goal for all providers. A practical strategy for achieving the highest possible Information Assurance (IA) with the least possible sacrifice, commonly known as the balance of risk versus reward, should sit at the heart of how hosts approach security. Following a multi-layered approach in which each layer is mutually exclusive and should include controls designed to progressively weaken an attack. 

But if the worst is to happen, reliable customer service is the next line of defence in minimising the impact of downtime. 

Service – being a good host

In social situations, a good host sets out to create a memorably positive experience, something that everyone involved would recommend and happily repeat. But there have been occasions in 2016 when for some, the concept of being a web ‘host’ has been more like inviting guests over, only to insist they pay for all the food, prepare it themselves and tidy up afterwards. 

When faced with the reality that a website - the primary public face of most organisations - has gone down, every minute offline impacts profits and jeopardises brand reputation. While IT teams frantically try to get their business back up and running, working with a service provider who has a real person on the other end of the phone who is fighting just as hard to make that happen is a welcome ally. 

Automated answering machines that ask users to go through a battery of questions before directing them to a service representative is not a calming process in times of crisis. Instead, hosting providers need to be more proactive during downtime, provide a direct phone number to use and share wisdom from the trenches as they work to restore services no matter what the cause of the problem. 

Ultimately, great service sometimes needs more human intervention, not less. Despite all the recent talk around the impact that machine automation may have on the jobs market in the years ahead, tech businesses are themselves underlining the need for very traditional levels of service. Hosting is a technology driven business, but it still needs people and often the answer to tech problems is to bring back the human element. 

This personalisation can be put under threat as service providers grow, causing them to forget that the needs of each customer are important and the success of each website is crucial.

The GoDaddy/HEG deal may prompt others to consolidate in the year ahead, and may prove of great benefit to their customers. Despite the savings and efficiencies an acquisition can deliver, a small business ethos – where customers are individually valued – would be a great place for the hosting industry as a whole to refocus its attention next year. 

Image Credit: Scanrail1 / Shutterstock