Following last month’s piece on the dropping of high-profile client Kevin Mitnick from provider HostedHere due to repeated attacks on his account and Mr. Mitnick’s subsequent finding of a new home in FireHost, I was left wondering why exactly FireHost was willing and apparently able to withstand the heat that HostedHere wasn’t.
With a strong focus on security since its inception, the Dallas, Texas-based FireHost focuses its advertising almost solely on the level of protection it provides, creating an easy target for security-minded clients looking for a safe haven for their data. Their security policy is long-standing and the base of their service offerings, as evidenced by the words of FireHost CEO Chris Drake when I asked him for his thoughts:
“The requirements for securing websites are not the same as they were in years past when standard firewalls did the trick. There are many modern threats that are not addressed by most providers and hackers continue to get more and more sophisticated. Right now, the new threat is application layer attacks. Attack vectors like SQL Injections, XSS, Cross-Site Request Forgery (CSRF), etc. proliferate the web and take down and/or infect hundreds of websites everyday.
One of the reasons why Kevin Mitnick selected FireHost is because we understand that security is about the entire ecosystem. We protect our clients from social engineering, network and application level attacks and even monitor client systems and databases for illegal access by their own employees. FireHost at its core was built and designed with security at the forefront. Not only do we protect our clients from today’s threats but we are committed to being an aggressive and smart partner for our clients for the threats that lie ahead.”
The fuss about online security is not only a potential selling-point for web hosts but also a real concern on the minds of a growing number of consumers. With an increase in attacks focusing on server ports accessed from within hosted web sites themselves, stories are surfacing more and more often detailing destroyed and stolen data and the business losses that often follow. By focusing on security in general, FireHost has allowed themselves the time to dedicate technicians to researching and solving individual threats, translating into diligent protection against SQL injections, cross-site scripting, path traversal, bad user agents, DOS attacks and every other tactic used by hackers to exploit servers.
This commitment to security is not only good practice but perhaps also the safest business model moving forward into uncertain, and often insecure, times. This particular story of one host’s failure and the success of another is telling of the general focus on the safety of data in the industry today and should serve as a clear message to hosting providers that do not feel confident in their ability to withstand all levels of attack: security is paramount and firms that excel in protecting their clients will stand out as clear winners in situations involving even the hint of vulnerability. So long as consumer concern over security continues to rise, all hosting providers need to respond as both a duty to their clients and a progression towards thriving in what is, as the story of Kevin Mitnick’s trouble and his move to FireHost shows, a very competitive industry.