Jun 5, 2012

Mission Possible – Account Security

Imagine if you will. You are a business owner. You have an e-commerce site, running on servers at a hosting company. This hosting relationship helps put food on your table and the table of each of your employees. You depend on it. Now, imagine a former employee gets access to your servers and compromises your business—perhaps to the point of no return. What if that former employee gained access by convincing your hosting company that he was you, or at least someone who is authorized on your account to access your server? You think this is unlikely? Think again. At Codero Hosting, we think it is unacceptable to have loopholes that allow that. Yet account compromises happen all the time in our industry, and they can be devastating.

At Codero, we take account security very seriously—even to the point that sometimes our customers may not understand why we do what we do. Some ask why they can’t just email us, or why we won’t answer basic questions via chat or phone without first verifying account security information. Frankly, the answer is quite simple. We don’t want an intruder—be it a former employee, former husband or wife, friend or foe—to get access to your data or services. Period. We have a top five global bank and a top five airline hosted at Codero, as well as thousands of small and medium sized businesses. We can not and will not do anything to jeopardize the security of those accounts.

Imagine what would happen if a bank would simply look at an e-mail and transfer money to another account, simply because the sender’s email address was on file. That would be, well, bad…and you wouldn’t bank with someone who doesn’t take your account security seriously. So why would you trust your hosting infrastructure to someone who doesn’t?

If you think a breach of you account is impossible, think again. A recognized company within our industry, who provides billing and server management software to resellers, recently became victim of social engineering attack whereby the perpetrator was able to convince a hosting company he was the owner of the account, and was given access. Things went downhill from there. You can read about this here. What I can tell you is this is a prime reason we take account security very serious, even if it adds an extra step or extra time for our customers to communicate with us. It is well worth it.

Social engineering where someone is impersonating you, is very dangerous, and unfortunately not the only method of trying to get control of an account. In fact, if I could sit down and write a book about all of the situations we have dealt with over the last six years regarding account access disputes, you would probably think we had written a fictional comedy, or excerpts from the movie Mission Impossible with all the impersonations, fake accents, fake anger by “pretend” customers used to intimidate us. In reality we’ve seen it all, from ex-couples fighting over accounts to ex-business partners, to just bad people trying to hijack domain names for profit. In the end, because of our training, diligence, and genuine care for our customers, we have been successful in protecting our customer’s accounts and we will continue to do so. In our tag line, we talk about reliability. We pride ourselves every day on being a reliable hosting provider and this is just one of the steps we take to insure we deliver that reliability to every single one of our customers whether it is a large multinational bank, or a Small business. We know hosting your IT with us, is equally mission critical to you. So, next time Team Codero or any other institution for that matter asks you to authenticate, please know we are doing it for your security.

Get on the Internet Autobahn – Yes. But be safe.

Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedIn