Using an IDaaS solution as an Access management and SSO solution helps you in your digital transformation. The extended enterprise, the use of the Cloud, the mobility, the smartdevices are so many subjects that an IDaaS needs to carry in terms of access while continuing giving to everyone the on-premise access. The IDaaS must serve the hybrid IS and not only the Cloud. That also means that you need to trust your IDaaS, because no IDaaS means no access... More particularly you need to ensure that the proposed disponibility is maximum and higher than what you could build at a reasonable cost.
Memority, the french IDaaS propose a service distributed on two data centers located in France in mode active/active with a very high level of security. To do so, we rely on our own security services, the security services of our host and third-parties security services. The news show that one of the most simple and violent attacks are the DDOS attacks. Last September, our host OVH went through the most important DDOS attack ever (more than 1 Tbps/s).
Most of the websites or companies would have fallen and had difficulties to restart. OVH (and so Memority) didn’t suffer from latency or any lost of disponibility relative to this attack. We have decided to choose OVH because it’s Dedicated Cloud solution (physical host dedicated to Memority and so not shared with OVH’s other clients) because OVH offers one of the most performing anti-DDOS protection on the market. The attack that was realised was perpetrated by the hijacking of 145 000 IPs cameras, in order to constitute a huge botnet and attack OVH. The mitigations services based on VAC in several layers of material allowed to hijack all the illegal traffic and allow the legal traffic. This attack has demonstrated the resilience level of our platform.
Nevertheless with the multiplicity of the DDOS attacks, especially from the hijacking of connected objects, the subject of the DDOS attacks remain a worrying subject because that might paralyse the whole digital economy. Beyond the mitigations services implemented, it is necessary to realize that it is important to securise this connected objects. In particularly, the hijacking of the IPs cameras was realised by penetrating those cameras by forcing the credentials access to them. Memority allows to secure the access to the connected objects, to link them to human identities (MRI, Identity relationship management) and authenticate / authorise the access from those devices to the IS. There is an urgent need for a collective awareness of the security of connected objects in a large scale.
For the companies turning to digital, DDOS attacks and the hijacking of connected objects become major risks. Building your own IAM internally require to accompany it with expensive security measures : DDOS mitigation, SIEM, vulnerability management, DRP…
For Memority, the digital trust is not an option. All the security services of our IDaaS are included in the subscription and are verifiable.
1- Last October 19, the american host Dyn went through a massive DDOS attack on its DNS servers, making unusable websites such as Twitter, Spotify, AirBnb… The company could not stop the attack and posted various contradictory informations on this attack : 500 000 connected objects then tens of millions ones. The company did not mentioned the size of the bandwidth used for his attack. Nothing suggests that it was really bigger than the one involving OVH. On the Contrary, it questions on the DDOS mitigations capacities of a such hosting company.