Community Blog How to Secure Your Data in Financial Services

How to Secure Your Data in Financial Services

Data is the lifeblood of the financial industry, Alibaba Cloud offers security plans to protect data in safe.

Alibaba Cloud CloudMonitor has detected attacks against global central bank websites by Anonymous members, primarily by high volume DDoS and HTTP flood attacks.

Alibaba Cloud security experts recommend building a security defense emergency system that integrates Anti-DDoS Service Pro and Web Application Firewall (WAF).

Alibaba Cloud responds to high-risk incidents with a defense system that integrates Anti-DDoS Service Pro and WAF. The solution can be simply deployed by updating DNS resolution, and available for both cloud and on-premises (including non-Alibaba Cloud) systems.

Anti-DDoS Service Pro implements the SaaS security service to effectively defend against DDoS attacks when origin servers become unavailable under a large volume of DDoS attack traffic. This ensures the stability and reliability of the origin site.

Based on the powerful big data capability of Alibaba Cloud, WAF defends against SQL injection, XSS, common web server plugin vulnerabilities, Trojan uploads, unauthorized access to core resources, and other common OWASP attacks. It filters out massive numbers of malicious attempts to prevent leakage of users' website assets and data, helping enforce website's security and availability.

Considering the high complexity and resistance of this attack, you should contact a professional security service vendor and a service staff member to create a comprehensive solution.

Alibaba Cloud experts can help you to implement a robust security solution to protect your system against such attacks. The benefits of Alibaba Cloud security services include:

  1. Alibaba Cloud security products can identify and intercept such attacks through the HTTP flood protection and mitigate malicious back-to-source traffic by leveraging cloud benefits.
  2. Alibaba Cloud provides a large-scale threat intelligence database for collaborative defense.
  3. Alibaba Cloud security engineers currently provide 24/7 emergency services to analyze attack variants and update protection policies.

Related Blog Posts

How Important is Data Security for the Financial Industry?

Data is the lifeblood of the financial industry. 91% of financial companies worldwide think they have data security risks.

Financial policymakers need to consider the broader context of Cloud Compute when formulating enterprise security policies.

At the same time, as more and more financial enterprises gradually transfer their businesses onto the cloud, they should also bring their security strategy more in line with the “cloud environment”. This new security strategy is very different from the previous makeshift solutions as cloud protection needs to be more comprehensively deployed.

Taking the basic topology of financial business systems as an example, App-side reinforcement and threat detection are used to limit security risks to within the app itself, while Anti-DDOS Pro and WAF (Web Application Firewall) are deployed at the entry/exit point of the cloud system so that network attacks are blocked before reaching the server load balancer, routers, switches, servers, or other applications.

Deploying Anti-DDoS, CDN, and WAF on Alibaba Cloud

In this tutorial, we'll discuss how to deploy Anti-DDoS, Content Delivery Network (CDN), and Web Application Firewall (WAF) all together to accelerate and secure our websites or web applications on Alibaba Cloud. For this solution to work correctly, you must have both Alibaba Cloud domestic and international accounts.

In case of "China service", for those who want to apply Anti-DDoS, CDN, and WAF features together on Alibaba Cloud environment, consider using SCDN(Secure CDN) on a Domestic account and WAF on an International account together. In case of International account, we cannot simultaneously utilize Anti-DDoS and CDN at the time of writing. In this way, this alternative can make it possible, before SCDN product on International account is released. Once again, this scenario works only for Chinese regions.

Related Documentation

Deploy WAF and CDN together

You can deploy Alibaba Cloud WAF and CDN (Content Delivery Network) together to speed up your website and protect against web attacks at the same time. We recommend that you use the following architecture: CDN (entry layer, website speed up) > WAF (intermediate layer, web attacks protection) > Origin.

Deploy WAF and Anti-DDoS Pro together

Alibaba Cloud WAF and Anti-DDoS Pro and are fully compatible. You can use the following architecture to deploy WAF and Anti-DDoS Pro together: Anti-DDoS Pro (entry layer, DDoS attack protection) > WAF (intermediate layer, web attack protection) > Origin.

Related Market Products

F5 Advanced WAF (PAYG, 25Mbps)

F5 Advanced WAF provides robust web application firewall protection, securing apps against threats including layer 7 DoS attacks, malicious bots, OWASP Top 10 threats and much more.

F5 Per-App VE – Advanced WAF (PAYG, 200Mbps)

F5 Per-App VEs deliver the same scalable, secure and customizable application services as physical and virtual F5 ADCs - at a price and in a form factor appropriate for supporting individual apps.

Related Products

Web Application Firewall

Alibaba Cloud WAF is a web application firewall that monitors, filters, and blocks HTTP traffic to and from web applications. Based on the big data capacity of Alibaba Cloud Security, Alibaba Cloud WAF helps you to defend against common web attacks such as SQL injections, Cross-site scripting (XSS), web shell, Trojan, and unauthorized access, and to filter out massive HTTP flood requests. It protects your web resources from being exposed and guarantees your website security and availability.

Anti-DDoS Pro

Alibaba Cloud Anti-DDoS Pro is a paid service that features a set of high-defensive IPs, and acts as a protective barrier for the origin. It safeguards network servers under high volume DDoS attacks. After configuring the high defensive IPs for the network servers, all traffic passes through the Anti-DDoS Pro instance before rerouting to the origin.

Anti-DDoS Pro supports a peak protection bandwidth of 20Gbps ~ 600Gbps on servers inside and outside Alibaba Cloud. To make it more cost-effective, you are offered various flexible payment plans. Wherein, the fees are incurred according to the daily attack volumes.

Anti-DDoS Pro cleans all traffic, mitigates DDoS attacks, and then forward traffic to the origin. With malicious traffic mitigated, the origin gains higher availability and stability.

Additionally, with Anti-DDoS Pro enabled, traffic traction and re-injection are not necessary when your origin suffers DDoS attacks.

Related Course

ACA Cloud Security Certification

This certificate is designed for engineers who can use Alibaba Cloud Security products. It covers Alibaba Cloud's several security products like Server Guard, WAF, Anit-DDoS basic and Pro.

Related Whitepaper

Stopping the Bots With Alibaba Cloud WAF

Data needed to get through, by whatever route it could. Privacy and security came later, with techniques such as encryption and authentication.

The same features that make the web so simple to use, also make it incredibly easy for so-called bots to harvest massive amounts of information. Software bots are very common, and it’s far from unusual for a typical website to receive several attempted bot attacks per day.

But with a properly tuned Web Application Firewall, you can stop them. Download this whitepaper to learn how you can protect your business against bot attacks.

0 0 0
Share on

Alibaba Clouder

2,600 posts | 754 followers

You may also like