The idea of willingly inviting hackers to break into your website or server may seem odd, but if the hacker’s intentions are good (i.e. they don’t intend to use what they find to exploit your business) it can be an effective way to identify and seal up weaknesses in your web security.
The practice of ‘whitehat hacking’ hit the news recently with the launch of Facebook’s Bug Bounty programme, which offers rewards to users who find and report holes in the platform’s security. In the first three weeks of the project, Facebook reportedly paid out over £25,000. They obviously figure that the cost of the programme is significantly less than the potential loss they could suffer if sensitive data were to fall into the wrong hands.
Inviting the hackers in
If you’re not of Facebook size and status, it’s probably not a good idea simply to announce publicly that you’d like people to try to break into your site, but you can enlist the help of a professional ‘ethical hacker’ to help test your security.
The best of these will hold Ethical Hacker Certification from The International Council of Electronic Commerce Consultants (EC-Council). This will mean that your chosen hacker is a skilled professional who uses the same knowledge and tools as a malicious hacker.
They will know how to look for the weaknesses and vulnerabilities in target systems and will have signed up to an ethical code that means they can be trusted with your data.
So, how secure is your server?