Serkan Sevim, Medianova: “Digital services should be secured by cloud security platforms and CDNs”

The digital landscape has changed significantly over the last couple of decades, leading businesses to adopt better content delivery methods.

It has led to the rise of content delivery networks or CDNs, with which content can be delivered to users with minimal latency through geographically distributed servers. A growing number of businesses are using CDNs to provide their services to a global audience. The reason for this is that CDNs offer businesses a number of advantages when it comes to delivering content in a seamless and timely manner.

To find out what the advantages are and how they can contribute to your business, the Cybernews team invited Serkan Sevim, CEO of Medianova – global CDN solutions and cloud platform provider.

Tell us a little bit about your history. How did Medianova originate?

Medianova's story started with selling football matches over the internet in 2004, when Netflix was sending DVDs to homes and there was no Youtube. By selling the Turkish Football League to the entire world on a streaming basis, the need for this content delivery infrastructure was identified. Following this realization, Medianova entered the CDN market in 2005 and began working with Turkey's largest customers.

Over the past years, Medianova has provided cloud products in streaming, encoding, transcoding, live broadcasts, and VOD services, and over the past 8 years, CDN services evolved from dynamic caching to cloud WAF and DDoS protection. With these added CDN services, new markets such as e-commerce, banking and the gaming industry, were accessed. For the last few years, we have seen the growth of security services such as DDoS and WAF.

Can you tell us a little bit about what you do? What challenges do you help navigate?

I am a tech CEO with a major in Physics and Management Information Systems. So while I am running the company in all operations, my main focus is the product. Therefore, I spend the majority of my time developing products adding great value to our customers. Moreover, I am also very active in HR to build a great team to deliver great results. Our main job is to find customer pain points and develop platforms solving these problems with our innovations.

One of the difficulties we have been dealing with the most in recent years is the rise of the digital world following the pandemic, along with chip and talent shortages. In spite of that, Medianova has recently expanded its reach, particularly in the Middle East region, throughout Europe and Turkey, and has advanced to become the biggest player.

What are the most common problems companies run into on their digital transformation journey?

When we talk about digital transformation, we should talk about the transformation of people. As an executive, we have to change the way people think and work. The Pandemic has clearly shown this to us, but looking at Medianova, I am confident that we are among the businesses that adapted to the Pandemic most quickly. Medianova is a digital born company, and we were already using Slack, Zoom, Atlassian platforms to collaborate and all of our processes were digital. Some of our team were already working remote even before the pandemic. As a result, we had no issues working from home.

If we focus on general industries, we realized that cloud penetration boomed and this made digital transformation even faster. Today, companies focuses more on their core competencies and leave most IT operations to cloud companies. For example, Medianova provides CDN services and our main values are uptime, performance and security. We are 100% focused on these values with our talented team 24/7. So it is much easier for a corporate to leave that part to cloud companies like Medianova and keep running the actual business.

In other words, we were taught that technology was the barrier to digital transformation, but after the pandemic, We realized that this is not the case; rather, the problem is the working habits. At Medianova, we create lots of content and webinars, trying to educate industry and show new ways of doing business, especially in the cloud arena.

How did the recent global events affect your field of work?

I would say it is both positive and negative at the same time. It is positive because there is a massive digital transformation underway, and it is on everybody’s agenda. We are the digital world's infrastructure and services provider.

On the negative side, world had travel bans. As Medianova, we needed to travel to upgrade and install new infrastructure around the globe. Since it was harder for people to travel, we had to change our way of working as well. We invested heavily on the CDN technology to require less hardware for content delivery.

Why do you think certain organizations are unaware of the dangers hiding in their own networks?

We talk about digitalization, but digitalization comes with different levels of security. For our homes or factories, we know how to lock the door, and how to put a fence, but in digital world, most companies are so new, that they are not aware of how easy for hackers to get in.

So basically, as a company, our goal is to reach more decision-makers and CEOs to show them how easy it is for hackers to get in if you don't take precautions. For example, if you write your own software, the lack of knowledge of one person in your company can create a huge hole for hackers to get in, and it is very easy for them to scan for and discover new hacking techniques as the attack surface expands each day.

To solve this problem, Medianova’a Aksela platform acts as a cloud security umbrella with its WAF feature and also by hiding the origin servers of the customers. One can also use Medianova Aksela without caching and to just to filter the web traffic from attackers.

These are great solutions that were not existing 5-6 years ago.

What are the best practices companies should follow when developing and when launching a website?

First of all, on the development and coding side, there should definitely be a sphinx process to ensure quality, and many products should be integrated with CI/CD workflows, which should run 24/7 to make sure the quality is high and the network is secured.

On top of that, you have to assume that there will always be some holes and a cloud protection will be needed.

I also need to make this more clear.

Most companies run appliances to do the security in their own data center to protect their origins. What we suggest is, yes, keep your appliances, but also use a cloud service to protect your own appliances as well. I suggest most companies do penetration tests regularly and third part security tests to improve their security infrastructure.

In the future, most companies will not have their own hardware and use other cloud services as origins. But still, protection will always be needed for business continuity and peace of mind.

In the age of frequent cyberattacks, do you think small businesses and big enterprises require the same security measures?

There is of course a difference between a bank and a small shop running a website in the protection layers because the bigger you are in terms of business continuity or data security, the data value of your business becomes higher. In other words, attacking a larger company is more prestigious for hackers than attacking a small company. The bigger you are, the more at risk you are.

You genuinely have to think about rules and layers if you are a larger company.

But the good news is that, in today’s cloud world, all security products are easily affordable for small and large websites. For example, if you use the CDN service to increase your reliability and accelerate your website, you also automatically get DDoS protection from attacks.

What new threats do you think the public should be ready to take on in the next few years? What security tools should be implemented?

The size of DDoS attacks has increased tremendously. The total number of DDoS attacks in 2021 was 9.75 million. This is one aspect to think about. On the other hand, there will always be penetration attacks on your side, and if one of your employees forgets to secure one port of your server, this will be an entry point for hackers to get in. So, I would say Waf and DDoS are the most important ones.

The API is also becoming the main coding methodology in the modern world. All code and microservices talk to each other through APIs. Because APIs are very well documented, it means that it is very easy for hackers to attack an API. By using a CDN, you can protect your APIs while increasing your reliability and security big time. API attacks will be a topic that we will see more and more of. In the upcoming years, APIs are expected to be the primary attack vector.

The other, I would say, is DNS. DNS is another major attack point for any web service. As we know, computers talk to each other through IP addresses, which are numbers and are not easy for people to remember. Thus, DNS makes an IP address human-readable content with a URL. If an attacker attacks your DNS, it means that they can take you down in one shot, the whole platform.

So API and DNS security are the next big topics to consider, other than DDoS and WAF protection, in the next few years.

At Medianova, we also provide Anycast based DNS service which is fast and also very hard to take down.

Share with us, what’s next for Medianova?

We are a leading CDN company, and have been mentioned in Gartner reports for many years, along with 18 other prestigious companies. We are extremely strong in our region. Medianova’s new vision is to become a leading cloud service provider, where CDN will only be one of our services. For that purpose, we are investing more and more in AI based security services like WAF, AI based super image resolution services, faster content delivery and such. We also want to make sure that signing up for Medianova services is super easy and fast.

So in the near future, if somebody signs up to Medianova, it will be easy for them to start using a CDN service where they will also be able to activate security services like WAF through our self-service platform. We are planning to increase the number of these services one by one and become a much more impactful cloud service company.

Leave a Reply

Your email address will not be published. Required fields are markedmarked