Friday, 08 April 2011 10:02
The internet can be a dangerous place, and the next-generation service provider Internet Solutions takes threats to security very seriously.
Ian Shak - IS
“It is important for ISPs to provide connectivity that is clean and secure, yet private. We at Internet Solutions take it very seriously to provide a secure as possible service to our clients,” says Ian Shak, Senior Business Development Manager: Cloud Services at
Internet Solutions (IS).
“That said, we also take net neutrality very seriously. For that reason, we don’t scan our clients’ traffic at all. We value privacy laws as set up in the various legislations.” To keep its clients safe, IS has a number of processes in place. Spam is still a massive problem. “Inbound and outbound spam is inherently different,” Shak explains. IS takes a hardline stance against outbound spam, which is spam originating from its network.
SPAMALOT
After being notified by other ISPs that spam is afoot, the IP addresses associated with the outbound spam are identified. Then the user associated with that IP address is notifi ed via e-mail, and telephonically a few days later.
“Most of the time, we find they are not malicious at all. They’re a little bit ignorant or not very
security- conscious and their machine is infected with some sort of virus, botnet, or
malware. In that case, we help them to the best of our ability.” Sometimes, though, users are repeat offenders, or don’t respond to the notifications. “Then we have to send them a seven-day takedown notice. We tell them we will suspend their Internet service after seven days if they don’t react. It is quite a hard-line stance, but most clients are very willing and responsive when we do contact them. So, if we do end up sending a takedown notice, usually the problem is resolved within hours.”
Inbound spam is different, he says. “We don’t have a lot of control over what email comes in to our network, whether it’s legitimate e-mail or unsolicited e-mail.” If a subscriber reports spam, IS notifi es the ISP originating the spam. “We notify the ISP that we received spam from this IP, at this date and this time. And we expect that the other ISPs are equally responsible and do the same as we do.”
SERVICE DENIED
The company’s process for copyright infringement is similar, notes Shak. “We get notified by the trade groups that represent the big studios, mostly in the US. We first send an e-mail notification, if we have no response within a week, we then contact the client telephonically.”
However, South African legislation does not demand local ISPs issue takedown notices regarding copyright infringement, Shak says. “We don’t believe our legislation is strict enough to allow us to cut off a subscriber because some organisation in another country has alleged that they are downloading copyrighted material.” Another serious issue is denial of service (DOS) attacks. “We respond to denial of service within one hour.” If it’s an IS client perpetrating the denial of service, “we have the ability to
shut that down very quickly, to switch that subscriber off within one hour of being notified”.
With inbound, Shak says, “we also take it very seriously. That said, we often have to make a call whether we want to try to keep the client up and running by defending against the DOS attack, or whether the best course of action would be to take the client off the Internet, just for a period of time, to protect the IS
network.” A growing problem, says Shak, is phishing sites. However, he says “the banks have been very proactive at educating users to the dangers of clicking on links in e-mail, being redirected to phishing sites which are trying to steal your details.
With regards to that, we have forged strong relationships with the banks. We endeavour to shut down any phishing site hosted on our network within one hour.”
TREACHEROUS WATERS
Shak notes that the Internet is becoming more dangerous. “The types of attacks we’re seeing are more targeted. They’re a lot more economically motivated and it’s no longer just a fun thing. There’s real money at stake and therefore the attacks are becoming more dangerous.” However, IS is fighting this with its range of
security solutions. “We have regular client functions where we talk about the latest
security threats, and the solutions we are providing to combat them.
“We also instil it internally. We live and breathe it and we ensure it’s instilled down to our clients through the technical support we provide.”