It is not possible to fully mitigate the risk of a denial of service attack affecting your service, but there are some practical steps that will help you be prepared to respond, in the event your service is subjected to an attack:
- Understand your service, the points where resources can be exhausted, and whether you, or a supplier, are responsible for them.
- Ensure your service providers are prepared to deal with overloading of their resources.
- Ensure your service can scale to deal with surges in use.
- Have a denial of service response plan in place that includes graceful degradation of your service.
- Monitor for denial of service attacks and test your ability to respond.
Five essential practices
Whilst it is not possible to fully eliminate the risk that a DoS will be successful, it is possible to be well prepared.
You should understand the methods of attack that are likely to be most effective against your service, and have a response plan ready to manage an attack, minimising disruption to legitimate service users.
System designers and operators should think carefully about designing the service to cope with a DoS, and about choosing third-party services from suppliers they are confident will be able to help manage attacks.
Below, we outline five practices which will help you prepare for a DoS attack. Each should be considered as just one component of an overall response.