Back to blog

Follow and Subscribe

A guide to protecting your data during the holidays

Ashley Hurwitz

Content Marketing Manager, Fastly

An illustration of a secured browser window inside a blue bubble that is protecting it from incoming red arrows

It may be every shoppers’ favorite time of year with the seemingly endless deals from brands big and small, but for others, it can be an anxiety-inducing season of dread for site reliability engineers. With Cyber Monday sales (alone!) reaching $11.3 billion in 2022, bad actors have yet another opportunity to take advantage of high-volume online shopping. But these attacks don’t just happen once a year, and it's crucial that your business is prepared all year round.

In order to stay safe you have to address a lot of different areas, so we gathered a few crucial best practices around everything from your CDN to your WAF, for rules that prevent gift card fraud, and the benefits of managed security, and even DDoS protection from massive attacks, like the recent and massive Rapid Reset DDoS attack, which Fastly customers were not impacted by. (You can learn all about our methodology in this blog)

Looking to get through the rest of the year with minimal headaches and worries? Prepare for the turbulent holiday season with Fastly and check out these blogs on how to get the most out of our products.

Staying secure during the holidays

Stronger security with a unified CDN and WAF
By utilizing a few existing tools, like JA3 and various headers, Fastly’s CDN can be used to both enrich data and improve visibility in the Next-Gen WAF (NGWAF). In return, customer security decisions configured on the NGWAF can be enforced at our delivery network’s edge with the option of imposing additional penalties on attackers. When preparing for Black Friday, companies need to take advantage of every available tool, without acquiring new vendors or disrupting their workflows, check out how to utilize the whole Fastly ecosystem.

Preventing Gift Card Fraud with the Next-Gen WAF
Gift card scams have become a quick favorite of bad actors looking to target online retail and ecommerce brands, causing reputational damage and eroding consumer trust in major retail brands. If you’re using a legacy WAF, the response time and defensive actions can be time-consuming and unwieldy unless perfected. However, if you want to modernize your security strategy, retailers looking to protect their sites during the Black Friday holiday season can utilize the Fastly Next-Gen WAF to stop gift card fraud directly at the application layer. Check out how to utilize Templated Rules and custom rule building to detect and mitigate gift card fraud with the NGWAF.

Thriving amidst chaos: Managed security tips for Black Friday weekend
Between Thanksgiving and Cyber Monday, revenue-focused teams celebrate their influx of sales. In contrast, often under-resourced cybersecurity teams are left to wage wars against the bad actors hidden amongst the ever-growing traffic. To increase readiness and expertise, organizations regularly turn to managed security services to augment their capabilities and maximize uptime and availability. Follow these tips to mitigate that stress and find out how Fastly's 24/7 MSS team can help, be prepared with these crucial tips for the holidays.

8 recommendations to prep for Black Friday weekend with the Next-Gen WAF
Bots, blocking, backups. When using Fastly’s NGWAF there are many ways that you can optimize in preparation for the big Black Friday weekend. Luckily, you don’t have to ruin your site reliability engineer’s holiday because you weren’t prepared. Worried about spiky traffic, how to mitigate attacks, and more? Read on for our necessary tips and tricks to avoid downtime with these easy steps.

Level up with The AppSec Guide for Multi-Layer Security
If you see the value of looking at your security at different levels, we go into even more detail and provide 8 tactics for a unified approach to AppSec. A multi-layer approach to your overall IT strategy can keep you prepared for everything from Black Friday’s high-impact traffic to preemptively blocking malicious IP addresses. Learn how to improve your security with tactics across different layers of your organization and architecture. Get the white paper.

Surviving the holiday season and beyond

It may feel like a Sisphysian task to get through the busiest retail season, but remember these cybersecurity tips to proactively protect your organization and consumers. If you’re not working with us yet, why not? We’re powering the best of the internet and our Next-Gen WAF provides advanced protection for your applications, APIs, and microservices, wherever they live, from a single unified solution. Sign up for a free trial or chat with one of our experts to see what we can do for your business.