This isn’t a post aimed at sysadmins, as they will know this already. However, it’s a post intended for a business owner or decision maker who places the contract for web hosting, and is intended to highlight at a high level some of the security risks that exist to their websites just by being on the Internet.

Lately, the industry has seen an elevated level of attempts to take advantage of code vulnerabilities in the software powering websites. Hackers are a common and persistent threat to any website, but there are steps you can take to protect yourself and to make your websites and applications harder to exploit.

I read a brilliant post on ZDnet today by Ed Bott about the recent exploit of Adobe, Google and other companies. A lot of media channels have tabled this exploit as reason to abandon Internet Explorer and, while there is an inherent trust issue with Internet Explorer (which is explained in depth in the report and summarised below), the fear induced by other media reports should be taken with a pinch of salt – if you adopt good security practice if you are using IE (or any browser or operating system for that matter), you will be as safe as you can be.

There is a lot of hype as well as valid discussion about the benefits of Cloud Computing. And while we hope that the faith we put in this elastic environment to scale and provide the flexibility we need to ensure our web applications are always running and performing at optimal levels for all our visitors, there will be times when things don’t go as planned.

1.5 billion searches take place on P2P (peer to peer) networks daily compared with 180 million on Google, and that a growing number of the searches are being done for malicious purposes. There is an abundance of classified government and military documents as well as corporate data freely available on P2P networks, including a full diagram of the Pentagon’s secret backbone network infrastructure. But how do we mitigate against confidential data loss from P2P networks?