Although it’s not a traditional cybersecurity method, origin shielding lets you protect your origin server(s) from overload, ensuring high availability, performance uptime, and the ability to continue serving web and video traffic even when you experience a CDN outage. As we’ve seen with recent Fastly and Akamai CDN downtime events, the ability to create resilience and operate even in outage situations is a lifesaver.
Transport layer security (TLS) is the de facto standard for sending and receiving secure HTTP traffic. With this in mind, Varnish long ago built a standalone TLS proxy on the open-source Hitch project. It delivers secure transport and doesn’t interfere with content delivery performance, but for a number of reasons, it’s not always the right choice for every implementation.
Cybersecurity requires more than just a single action or approach because threats exist on many levels. Some of the biggest threats, in fact, can be internal: employees who aren’t fully aware of cybersecurity threats like phishing are a risk; incorrect configurations within your infrastructure can bring your website down (in fact, configuration errors can bring down half the internet). Cybersecurity isn’t just about securing web traffic through transport layer security (TLS) or putting up a firewall, even though these are necessary fundamentals.
Authentication and authorization policies exist in companies of all types and sizes to govern access control and determine who can see and work with specific data. At the same time, people are one of the biggest security vulnerabilities in organizations, making access control at a granular level one of the most important means of securing your sites, apps and your business as a whole, particularly at a time when ransomware and other attacks are on the rise.