MS-only hosting firm comes to UK

Better security etc.

In the wake of the much-publicised raids by Russian hackers on online ecommerce systems, hosting firms are pushing their ability to provide better security as a means to get more business - and some are doing this while sticking by NT.

Managed hosting service provider Data Return, which set up a sales office in the UK last week, claims that firms can enjoy as much, if not better, security by standardising on Microsoft technologies for their applications.

JAccording to Jason Lochhead, Data Return CTO, IT staff can become overloaded if they are responsible for keeping a myriad of different systems up to date. It can therefore make sense to standardise on one technology and outsource the management of a Web site to experts on both business and technology grounds, he says.

Data Return has standardised on using Microsoft technologies because it reckons this is the fastest growing segment of the Web hosting market. Lochhead said as a joint development partner with Redmond, Data Return better understands how to shore up any holes with its products and can quickly to address any issues.

This month, Data Return has introduced security offerings designed to secure client applications and ensure faster incident response times, which sits alongside its traditional firewall services. These products include reactive intrusion detection services and vulnerability assessment services, technologies which are common in enterprises but much more rarely offered by service providers.

Neil Barrett, technical director at security consultancy Information Risk Management, said that outsourcing to specialists who offer contractual guarantees makes sense for many firms.

"Contractually speaking you may be more secure against what you're most worried about, being sued by customers or end-point victims, if you use a hosting firm," said Barrett.

Deri Jones, security testing director at NTA Monitor, said that ISP hosting contracts are sometimes inadequate and firms need to go into outsourcing "with their eyes open".

However he agrees with Barrett that firms should look to the overall security of their site, which he said can only be verified with testing, rather than getting caught up in "religious wars" about which operating system a supplier uses.

IRM's Barrett said what technology a hosting firm uses should be immaterial to companies, who should approach setting up their ecommerce hosting as a business decision.

"The default installation of Linux is more secure than NT with IIS (Internet Information Server), but neither is particularly secure. With Microsoft you have a long way to go to make it secure but it's easier because of things like graphic menus, with Linux you've a short way to go but it's hard," said Barrett. ®

Related stories

Russian Mafia uses NT flaws to raid Internet banks
Different approach to intrusion detection touted
Network Associates weathers DoS attack
Microsoft struts into Net security market

Sponsored: 10 ways wire data helps conquer IT complexity