How small businesses can shore up their application security

While several large companies have secured applications that fuel their business, SMEs (small- and medium-sized enterprises) have to shore up against vulnerabilities to their applications, says Venkatesh Sundar, Founder and Chief Marketing Officer of Indusface, in a Masterclass on 'Application security playbook for businesses' at TechSparks 2021.

"The threat is real," Venkatesh asserts. "Anything that is online and public-facing is open to an equal amount of threat, regardless of how famous that application is." Indusface develops software to secure web and mobile applications for global customers.

Venkatesh's 35-minute Masterclass on application security — and how businesses can function without worry — is based on Indusface’s experience of observing more than 2,000 customers. It went live on Monday at TechSparks 2021, India's most influential startup-tech conference organised by YourStory.

ALSO READ

“We've turned into a true blue cloud company,” says Kulmeet Bawa, MD & President, SAP Indian Subcontinent

The need for application security has grown by leaps and bounds in the past two years. The COVID-19 pandemic pushed brick-and-mortar companies to embrace digitisation and find customers online, Venkatesh notes.

The pandemic also accelerated adoption of cloud computing to speed up how businesses operate, and mainstreamed APIs (application programming interface) to aggregate services.

Smaller companies often underestimate their ability to draw attacks from hackers. Venkatesh reiterates that companies — no matter what their size — must prioritise securing their applications, though they cannot have technology budgets like their large counterparts.

DDOS and bots are the largest pain-points for companies, Venkatesh points out. A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.

To keep businesses functional, Venkatesh suggests a couple of ways to keep applications secure.

Know your applications

Businesses must treat the inventory of their own applications as the first priority to know what needs to be secured. In a world of application threat vectors and attacks, businesses have an advantage over hackers if they focus on knowing their own applications.

Focus on solutions more than on tools

Application security should be a consistent and continuous process — both in terms of inventory and visibility of applications, and finding the right solutions to fix and mitigate any threats.

“Application security is very, very complex. It requires a lot more special expertise for securing an application than it would be for other components like server-level security or network-level security,“ he adds.

Partnering with vendors, who provide these specialised services, is one of the key steps to ensure that business applications remain secure. The vendors should provide holistic solutions, including security risk assessments and protection. Furthermore, ensure they become a managed security partner, in order to create sustainable security solutions and practices.

In an apt metaphor of our times, Venkatesh says, “Application security must be viewed as the oxygen ventilator for your business to continue breathing in a worry-free manner.“

For a line-up of all the action-packed sessions at YourStory's flagship startup-tech conference, check out TechSparks 2021 website. To experience this Masterclass on our virtual events platform, join thousands of other startup-tech enthusiasts from around the world here.