Carving out a specific niche in the industry as the host that places security as a top concern, FireHost (www.firehost.com) closed its first initial infusion of capital totaling $2 million last month, helping the company quickly expand its IT, sales and marketing team and build out its infrastructure. The funding was also a vote of confidence for the Dallas-based web host’s business model, squarely based on the idea that there is a healthy demand for secure hosting solutions.
Since its marketing launch in June 2009, FireHost has been earning revenue at a 40 percent growth rate, quarter over quarter, largely differentiating itself in the managed hosting space based on its a unique and aggressive approach to secure web hosting. It offers clients free web application security scanning, providing small and medium-sized businesses with detailed reporting on website and web application vulnerabilities.
FireHost garnered a lot of attention last summer when reformed hacker Kevin Mitnick came to the company to host his website after it suffered a series of embarrassing, widely publicized hacks. After being dropped by his hosting company and refused by others, FireHost stepped up to the plate, and over eight months, FireHost mitigated nearly 1,500 hack attempts a week on Mitnick’s site and has kept him free from attacks.
Just days after announcing its $2 million capital infusion, FireHost launched a hosting offering that combines the advantages of dedicated and cloud hosting into an extremely secure and affordable solution for companies of all sizes. Aimed at businesses that need protection from hackers and cybercrime without the expense of hiring their own IT security staff, FireHost’s Secure Server options are compliance-ready, and address the needs of small to medium-sized businesses navigating the potential minefields that are e-commerce and healthcare applications.
In an email interview, FireHost founder and chief executive officer Chris Drake explains the FireHost solution, why secure hosting is in real demand, and what is at stake if a client’s data is compromised.
WHIR: A lot of people see scalability and on-demand delivery as some of the key benefits of the cloud. How important is the security aspect to your particular clientele?
Chris Drake: Many of our clients come to us AFTER the nightmare experience. Many companies realize, inherently, that security is something that needs to be top priority. Especially those that do Ecommerce, or need to meet compliance standards such as PCI or HIPAA. But what’s frightening is the number of businesses that don’t believe they would ever be targeted by a hacker. It’s this group that the hackers bet on, and go after first. We get new customers every day that are smaller companies, who sincerely never thought it would happen to them. It’s a rather emotional service that we end up providing – and the peace of mind it gives customers is priceless.
But here’s what unique about the new Secure Server option. It has that great scalability and on-demand delivery that so many companies have come to appreciate. In fact, our Secure Server is more reliable than a standard cloud, which by the way, actually DOES have a ceiling. A lot of companies believe the cloud is infinitely scalable, but talk to one of our customers about the experience she had when her site when down as a result of high traffic from a NY Times article, and you quickly realize that there is a limit.
This solution seems like something that will help SMBs with eCommerce applications, and healthcare organizations that handle patient data online will be interested in. What compliance regulations does FireHost’s Secure Server support?
CD: This is a great observation and FireHost has packages designated specifically for these groups. We work with a lot of companies that need to meet PCI and HIPAA compliance. In a lot of ways, Secure Server was designed with these businesses in mind. The majority of Ecommerce, banking and healthcare application companies are paying thousands more than they need to every month because they have to have the powerful security of a dedicated server. What we’re doing with Secure Server is giving these companies that that level of security, with the promise that their site will perform well and always be up, and scale. And we’re doing it at a much more affordable rate.
Isolation of critical data, it seems, has been one of the major problems with cloud hosting for serious business applications, and there are some situations where businesses don’t want their data mingling with others’ in a shared cloud environment. Does Secure Server Hosting get around this problem?
CD: Absolutely. We not only isolate the communication between our customers on the network-level with vLANs and the virtualized foundation with VMWare vSheild technology. Our security framework does double-isolation to ensure no data mingling between customers as that’s a huge concern for us and our customers.
In what ways does Secure Server Hosting mitigate the threat of DDoS attacks that have taken down high-profile websites across the Internet?
CD: The primary way to mitigate DDoS attacks is to have a bigger internet pipe than the attack. However, no matter how large the pipe the fact is the person that’s getting attacked is still down unless protected. We also deploy DDoS mitigation equipment on the edge of our network to ensure the attack victim is also protected. We filter the bad traffic to the network and allow only good traffic.
What do businesses stand to lose if their website is compromised?
CD: Everything. Revenue, customers, vendor relationships and most of all, brand. Not to mention, a company could be looking at a major legal issue if critical customer data is stolen. Look at mberry. They lost revenue and customers while their site was down. They spent a ton of money and time working to get their site back up, every time it was hacked. And they risked severely damaging their brand. Thankfully no customer data was stolen. When your site is hacked, your customers know it and in a day and age of social media when information travels faster than you can catch it, you cannot risk an attack.