Saxo Bank bolsters SaxoTraderGO resilience to DDoS attacks
Saxo is moving from a reactive to a proactive protection setup, meaning that its service will be presented at a new IP address.
Multi-asset trading and investment specialist Saxo Bank has informed its White Label partners of its plans to strengthen the resilience of SaxoTraderGO to DDoS attacks.
The company said that in order to ensure resilience against the ever-growing threat of cyber attacks, it is making adjustments on how the SaxoTraderGO platform is exposed to the external world. With regard to that, Saxo is moving from a reactive to a proactive protection setup, meaning that its service will be presented at a new IP address.
If white label partners are currently using CNAME entry in their DNS for their Login URL towards Saxo, no action from their end is required. The change will be transparent when the IP address is changed by Saxo.
If the partners are currently using A-Record towards Saxo, they will need to change their DNS configuration from A-record to a CNAME. The Account Manager will contact them in the near future with additional details of the required changes. Primarily, this will include removing the A-Record and creating a CNAME record pointing to your.domain.com.wlc.dclb.net. (including the trailing “.”).
In June this year, Saxo Bank successfully passed an IT inspection conducted by Denmark’s Financial Supervisory Authority (FSA). The regulator checked Saxo’s IT security management, IT strategy, organization, contingency plans, security policies and guidelines. Also, the FSA reviewed Saxo Bank’s procedures for access to systems and data, system audit, outsourced IT capabilities, and the requirements and procedures for reporting.
The regulator noted that Saxo Bank’s business model makes the company highly dependent on a stable and secure IT environment. It also added that Saxo Bank had implemented well-documented business procedures to control risks and to report to the Executive Board and the Board.
DDoS attacks are not uncommon in the online trading world. The latest reports of such an attack from the industry came from Canada’s Questrade and Japan’s Kabu.com. The attack against Questrade hampered the work of its platforms for several hours on June 16, 2017. The company explained that what happened was not a ‘hack’ and no personal information had been compromised. Kabu.com had its corporate website under attack on June 29, 2017 – the service was restored after approximately 30 minutes. The Japanese company said there was no information leakage as a result of the attack.