the cost of a data breach for a small business merchants averages $36,000 and can reach or exceed $50,000.
Leading causes of major security problems include:
- Out of date packages
- Badly configured networking
- Needlessly large attack surface
The Old Way
Patches? We don't need no stinkin' patches!
Often a server will be comporomised by a known vulnerability, for which a patch has been available some time. But the update has not been applied due to one of these factors:
- Too difficult/dangerous to make software and OS updates on a live production server.
- No procedure in place for regularly applying updates.
- Operations staff are just too busy
Network configuration is likewise often constrained by unavailability of staff with sufficient specialized technical knowledge. Too many ports are wide open to the public internet. Non-essential services may be running and accessible from the public internet, creating a large attack surface for hackers.
The Modern Way
Let Convox and AWS do the work for you. Best practices for network security and isolation, out of the box. Only the load balancer is accessible from the public internet, exposing only those services (e.g. your webserver) that need to be exposed. Amazon EC2 Container Service makes it easy to keep OS-level patchs up to date. With your application running inside a Docker container, it's easy and safe to test software updates before applying them to your production service.