The open doors for a hacker

Benjamin Schmits
Sales Engineer, EASI

Nowadays, many applications need to be accessible from outside your network for your employees, customers and/or suppliers. Without security, these systems are like a key left on the doorstep for a hacker.

Have you ever imagined what could happen if one of your employees, customers or suppliers had an infected PC and made malicious requests on your servers without warning? In fact, have you ever considered the lines of code that could be injected into a registration form?

In short, with the number of bots, malicious code and all kinds of attacks, is it justifiable to make these applications accessible on your network without rigorous protection?

Security in 2020

The professional world is constantly changing, punctuated by successive digital revolutions and the launch of new digital products. Since the creation of the World Wide Web in the 1990s, digital products such as computers, smartphones and tablets have continued to innovate and improve their performance significantly.

Companies like yours have faced, are facing, or will have to face many challenges and will have to adapt to this new era: the digital age. Digitisation and virtualisation have changed the way your company and society work. They have also completely changed the methods of thieves. The thieves of the past, at risk of being caught red-handed, have become hackers thousands of kilometres away from the scene of their crime.

The open doors for hackers

We know how to secure the physical access doors of an infrastructure. But how can you secure the virtual access doors that hackers regard as open doors?

Simply put, every time a browser needs a file hosted on a web server, it sends a request via HTTP or HTTPS (in other words, it asks for a file). When the request reaches the correct web server, the HTTP or HTTPS server returns the requested document, also using HTTP or HTTPS.

Many customers feel that their applications are protected, especially thanks to the firewall at the entrance to their network. However, a traditional firewall has little or no ability to understand what is happening inside a web application. Moreover, if the application uses SSL (HTTPS), the firewall is simply blind and offers no protection. By 2020, approximately 80% of connections will be encrypted. In other words, without SSL decryption, you are protected against only 20% of attacks, i.e. only the requests transmitted via HTTP.

The need for advanced protection

A reverse proxy is a device, in the form of a physical or virtual machine, that is placed in front of your web server and forwards your customer's request to the web server itself. Why is this type of solution essential these days? Unlike a master key, it is a unique key to every request.

  • Security element
    Your real web server, with your databases and all your sensitive data, is hidden and no longer directly accessible from the outside.

  • Processing speed
    The most common requests are cached and protocols are improved.

  • Load balancing
    Requests are distributed across the various web servers, checking availability.

  • SSL decoding
    The content of messages is decrypted to reduce the load on the web server.
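
The four roles listed above, shown as an nginx reverse proxy configuration. This is an added example, not EASI's configuration or product: the hostname app.example.com, the 10.0.10.x backend addresses, the certificate paths and the cache zone name are placeholders. It covers TLS termination, backend hiding, load balancing and caching; request inspection (a web application firewall) would sit at the same TLS termination point and is not shown.

```nginx
# Added example: all hostnames, addresses and paths are placeholders.
# Everything below belongs inside the http { } block of nginx.conf.
proxy_cache_path /var/cache/nginx/app levels=1:2 keys_zone=app_cache:10m
                 max_size=1g inactive=60m use_temp_path=off;

# Load balancing: backends sit on a private network, unreachable from outside.
upstream app_backend {
    least_conn;
    server 10.0.10.11:8080 max_fails=3 fail_timeout=30s;  # passive availability check
    server 10.0.10.12:8080 max_fails=3 fail_timeout=30s;
}

server {
    listen 80;
    server_name app.example.com;
    return 301 https://$host$request_uri;   # no cleartext path to the application
}

server {
    # SSL decoding: TLS ends here, so requests are visible in cleartext to the proxy.
    listen 443 ssl;
    server_name app.example.com;
    ssl_certificate     /etc/nginx/tls/app.example.com.crt;
    ssl_certificate_key /etc/nginx/tls/app.example.com.key;
    ssl_protocols TLSv1.2 TLSv1.3;
    server_tokens off;            # security element: do not advertise the proxy version
    client_max_body_size 2m;      # bound the size of request bodies reaching the backend

    location / {
        proxy_pass http://app_backend;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_hide_header X-Powered-By;      # hide the backend technology
        proxy_next_upstream error timeout http_502 http_503;
    }

    # Processing speed: cache frequently requested static content.
    location /static/ {
        proxy_pass http://app_backend;
        proxy_cache app_cache;
        proxy_cache_valid 200 10m;
        proxy_cache_use_stale error timeout updating;
    }
}
```

The backends should additionally accept connections only from the proxy's address, otherwise the "hidden" servers can still be reached by anyone who learns their location.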

Simplicity within reach

EASI offers a fully outsourced reverse proxy solution managed by our team of experts. Because EASI uses this type of architecture to protect its own SaaS applications, EASI has developed far-reaching expertise in this field. You get advanced security without having to install anything in your environment. EASI manages this for you.

To summarise briefly: RPaaS (Reverse-Proxy-as-a-Service) differs from a "basic" reverse proxy, which limits itself to transferring connections to your infrastructure, by providing a complete analysis of all communication between your environment and the Internet. RPaaS protects on 2 levels.

  1. Your application servers are protected against possible failures or misconfigurations.
  2. Your sites and applications are protected against application attacks such as SQL injection, brute-force attacks, cross-site scripting (XSS), directory traversal and local file inclusion.

Don't wait any longer, turn your 'old door' into a rock-solid gateway.
