Security Breach Can Be a Good Lesson For a Company
Rob Platzer, Chief Technology Officer at Bitly, one of the world’s leading URL shortening service providers, has recently spoken about how the company recovered from a security breach in early 2014. Bitly shortens more than half a million URLs a month, making its reliability and uptime very important. Maintaining Bitly requires a certain level of dedication to information security.
The CTO of Bitly is responsible for technical strategy and engineering: how Bitly implements various technological solutions to provide the highest quality service, as well as making sure that all the systems are protected from any potential breaches and malware attacks.
Making the product secure means that both the product itself and the network are secure, and Bitly does not consider its application secure unless both are protected. Therefore, Bitly integrates security measures into every part of its software development. We here at NordVPN are always upgrading our systems to offer a safe and secure service to you all.
Another important factor to consider when developing a service is its resilience to downtime. To ensure that Bitly works 24/7 and that cyber attacks do not take the service down, there is a second server in a different location, which will be used if the main server can no longer ensure perfect service. The main server runs in Verisign’s Delaware facility, which according to Rob Platzer has a very secure and sophisticated data center as well as systems to prevent DDoS attacks.
The second data center is used not only as a substitute server but for research and development purposes, too. Having this second server ensures that Bitly has 100% uptime for the redirection from a short link to the original URL. They call this decoding, while the conversion of a long address to a short link is called encoding.
Although Bitly has a second data center, it is used only if “Plan Z” is initiated, which they consider their last-resort plan, hence the “Z”. They consider such a catastrophic breakdown of the main server to be highly unlikely. However, because a big part of the internet relies on its short links, Bitly cannot risk any downtime, and a fallback server is a must.
You can never be sure that there will be no downtime, since all software has its weaknesses. For example, this May Bitly admitted that it had been targeted by a malicious attack which compromised its service. One of the biggest things Bitly has taken away from the incident is its contacts with the security experts who helped to stop further damage from the attack.
Before the incident, the company used to attend various security conferences, but it did not start any significant partnerships. After the incident, however, Bitly has been actively working with security teams from Facebook, Symantec and Dropbox. The collaboration helps to stop the phishing attacks and spammers that appear once in a while.
One of the main security challenges is to prevent Bitly from being used to distribute infected links. Fortunately, advanced security systems are able to identify such links and mark them as spam, thus preventing the potential exploit.
NordVPN, just like Bitly, aims to provide a secure product that is accessible to the majority of internet users. But a VPN is not only secure itself; it also keeps your personal information from leaking to third parties.