Abuse Prevention

Security precaution: update your passwords

secureThe only way to stay safe on the internet is by helping each other minimize security risks. So as a precaution, I want to make you aware of a situation that could possibly affect you.

There are currently several databases available on the internet containing personal data such as e-mail addresses, user names and associated passwords. Lately, our security teams have noticed an increase in attacks attempted by unauthorized parties using this data.

In order to protect yourself, we recommend everyone to take the following actions if you haven’t done so already:

Read the rest of this entry »

What you need to know about IP address blacklisting

secureHaving your IP address end up on a so called ‘blacklist’ can be a troublesome experience, especially when not anticipated. In most cases, it is a sign that something is wrong on the server(s) you rent or own, or that maybe one of the end users hasn’t followed email sending guidelines. This post is dedicated to those who want to know more about IP address reputation and what can be done to resolve issues identified by other parties.

The ongoing fight against spam

As we have already explained in the Spam blogs (I and II), email spam continues to be an issue. Due to the ever-evolving problem of email spam, there is an understandable need to have measures to combat this. Over the years, several efforts have been made to prevent unsolicited emails from reaching email inboxes by a plethora of means. Many of these proposed solutions have had promising technical white papers but few have actually resulted in an implementation that is either scalable, reliable or both.

Read the rest of this entry »

What you need to know about spam (part 2)

secureLast time, we talked about how spammers gather email addresses and then make money from them. This time we’re looking at a few more things you may not know about spam.

How to prevent your promo emails being marked as spam
You have a web shop with a lot of customers who would benefit from knowing you have a sale next week. How do you make sure that your email won’t get marked as spam?
The following rules have been created to make sure companies can send out marketing emails to their customers without them ending up in the junk folder.

  • Double opt-in: Each customer must (1) actively sign up for emails on your website and (2) respond to an email sent by you to confirm that they indeed want to receive them.
  • A fully functioning opt-out option in each marketing email they receive: Each marketing email you send needs to have an opt-out option – one which actually works.

Read the rest of this entry »

What you need to know about spam (part I)

secureWhere does spam come from? Why do people send it? And what can we do to stop it clogging up our inboxes? This two-part article explores these issues and comes up with practical ideas for keeping us safe, secure and spam-free.

Clickbait articles
It’s almost impossible to open your e-mail inbox and to not see spam in there. In some cases, it’s because someone unintentionally for signed up to things like clickbait articles. A clickbait article is, for instance, an article where they promise you a free trip to New York – although the free trip may not even exist. Most of the time those articles channel responses to information harvesters which, in turn, will lead to databases containing literally millions of email addresses and personal contact details. Such databases or lists can be sold to the highest bidder on the dark net/dark web/deep web, or even on normal sites.

Read the rest of this entry »

Helping combat child abuse: Hotline Meldpunt Kinderporno joins the LeaseWeb Community Outreach Program

mkpLeaseWeb set up the Community Outreach program in 2010, aiming to bring together non-profit organizations who combat online abuse of all shapes and sizes. Whenever a new organization joins our Community Outreach program, we’ll introduce them to inform people about what they do – and why they do it.

The latest party joining our program is Meldpunt Kinderporno (MKP), the Dutch foundation against (online) child sexual abuse. LeaseWeb and MKP have already been working together as partners for a long time, so it is only natural that we now welcome them within our program.

Part of the organization INHOPE – the international network of hotlines in the world – MKP handles all reports of child sexual abuse material (CSAM) within the Netherlands. MKP will verify / analyze the content and process the reports. If they find any form of child sexual abuse, they will report them to the respective ISPs.

Read the rest of this entry »

Security: it’s all about managing risk!

EnterPrise_01_ComplianceOrganizations are increasingly dependent on their digital infrastructure. At the same time, these organizations seem to be more vulnerable than ever as cyber criminals’ techniques become more and more sophisticated. So how can you handle this situation? In other words: how do you become a secure online organization?

This was one of the topics discussed by Dell and LeaseWeb customers during a roundtable discussion about security. IT security specialist and journalist Brenno de Winter provided interesting insights in his introduction: “If your company wants to be a secure organization, you have to manage risks. There are four options when dealing with risks: accepting them, reducing them through security measures, avoiding risks by ceasing certain activities, or to partially outsource risk management to a third party. There are also affordable insurance policies against hacks available which are worth considering. But no matter what you do, make sure you have a risk management strategy in place, supported by tools that identity the security risks of your organization.”

Read the rest of this entry »

Outsourcing your IT security: yes or no?

CloudSec_comp“Should we keep IT security in-house or is it better to outsource?” This has long been a thorny issue for organizations. Recently, it was one of the most important topics during a LeaseWeb Security Round Table with customers and I’d like to share some of the things I learned.

The discussion immediately took off following a statement from one of the participants, an end user: “In the Netherlands, the mantra is to focus on your core business. I dare to differ. I always learned that when operations are critical to your organization, you should keep them close. If security is critical to your company, why outsource it? If you outsource, you disconnect it from your company. What do you think about this?”

Read the rest of this entry »

Update on the new EU US Privacy Shield

AdServing_01_FlexibilityAfter my previous blog last month we were still looking out for any news about solutions for the Safe Harbor invalidation. Since the press release of the EU US Privacy Shield, announced by the European Commission on February 2, 2016, we have seen many press articles and numerous links. So here is our update and recap on the timing of the EU US Privacy Shield and alternative solutions offered by LeaseWeb.

Read the rest of this entry »

Are you compliant with the new Dutch Law on Data Breach Notifications?

EnterPrise_01_ComplianceOn January 1, 2016, the new Dutch Law on Data Breach Notifications came into effect. Organizations – both companies and government agencies – are now required to immediately report any serious data breach to the Dutch Data Protection Authority (Authoriteit Persoonsgegevens). And, if it is likely that the data breach will have an adverse effect on the privacy of those involved, those people have to be informed as well.

A data breach is defined as the act of accessing, deleting, modifying or releasing personal data, committed unintentionally by the organization. Not only releasing (e.g. leaking) personal data, but also the illegal processing of data, will be seen as a data breach. Examples of data breaches are a lost USB stick containing personal data, a stolen smartphone or malicious access to a database by a hacker.

Read the rest of this entry »

Safe Harbor invalidation not affecting LeaseWeb customers

In October last year, the US Safe Harbor regime was invalidated by Europe’s Court of Justice, meaning that personal data of Europeans could no longer be transferred by a company to US companies solely on the basis of such companies being Safe Harbor-certified.

Alternative Solutions

At the time of the ruling, no replacement for the Safe Harbor principle was proposed. The European Commission gave itself a 3-months term to come up with an alternative solution, working towards January 31, 2016. It is not likely that this timeline will be met but we expect new developments to be made public in the coming weeks.

Read the rest of this entry »

LeaseWeb on Twitter

TechSummit will host speakers from Lyft, Best Buy and more. Signup now for the best in the industry - limited number lsw.to/lkZ

test Twitter Media - TechSummit will host speakers from Lyft, Best Buy and more. Signup now for the best in the industry - limited number https://t.co/zTJUhw9xxx https://t.co/1d9ctuIxqe

TechLunch September edition: Don't miss Leaseweb's Arnoud Vermeer explain "Scaling Infrastructure Behind the Scenes" lsw.to/lkg

test Twitter Media - TechLunch September edition: Don't miss Leaseweb's Arnoud Vermeer explain "Scaling Infrastructure Behind the Scenes" https://t.co/UKVBlPTGMB https://t.co/PItddSz7gG

If not you then who? If not now, then when? lsw.to/lkE #Leaseweb #Opportunity

test Twitter Media - If not you then who? If not now, then when? https://t.co/oMSThqDWe0 #Leaseweb #Opportunity https://t.co/E9FnLiDIU8

Cyberattacks: How to understand the ongoing threat and how to prepare against it lsw.to/lkt