With thanks to Denis Zlatov, Co-Founder of JetRails, Aviva Zacks of Safety Detectives had the opportunity to learn all about his company. She asked him about JetRails’ managed hosting services and how they stay ahead of their competition.
Safety Detectives: What motivated you to start JetRails?
Denis Zlatov: I met my co-founder, Artur, at the University of Illinois. Two years into a degree in Mathematics and Computer Science, we realized that we were burnt out on college, but we didn’t want to sit around as the tech world was evolving. We wanted to get out there and do something. That was slightly over 20 years ago.
The DotCom bubble had just burst, but there was still a novelty around dot coms at the time. For highly energetic tech enthusiasts, our choices seemed obvious. Either start a web hosting company or a tech company like Google. But Google was already founded. In all seriousness, we were simply looking at the niche that we wanted to fill, and hosting spoke to all our strengths: the love of Unix, the excellence of customer service, and the pursuit of emerging technologies. This is how eBoundHost came into being. Demand for web hosting services was growing and we knew that with our existing knowledge we could bring these services to the market. Of course, technology was completely different back then—everything was manual, servers were far less capable, service offerings were far less sophisticated, and obviously, cybersecurity challenges were completely different.
Fast forward 16 years of eBoundHost, and JetRails grew out of our shared/virtual web hosting platform. eBoundHost is still actively offering shared hosting services, and JetRails became its own brand about three years ago. We noticed that there were a growing number of web hosting infrastructure providers from which businesses could choose, but not one that truly concentrated on treating their website hosting accounts as “mission-critical.” JetRails was created to service high-end mission-critical operations—whether e-commerce websites or really anything that has to stay up 24/7/365. The true motivation has been to bring something to the market that provides comprehensive infrastructure management that addresses security, scalability, speed, and stability for today’s fast-growing brands.
SD: Can you tell me about your company’s managed hosting services as they pertain to cybersecurity?
DZ: Most of our customers are e-commerce providers running on open-source platforms like Magento or WooCommerce, or in some cases Drupal/WordPress. All e-commerce sites are considered to be particularly high-value targets for cybercriminals. If they’re able to get their hands into an e-commerce website, they can scrape credit cards or steal somebody’s extremely valuable marketing and product data.
To combat this, we look at what solutions are already available on the market, build what is not available, and then combine these best-in-class security solutions into the JetRails hosting offering. Keep in mind that we custom tailor hosting environments around the needs of specific customers, so even our Magento hosting is scoped out, deployed, and optimized on a case-by-case basis with unique configurations and optimizations. For example, if there is a certain compliance need that the customer has to meet, or if there is a specific security challenge or scalability challenge, we architect accordingly. A lot of our customers’ security needs are met not just by a single security feature but rather internal controls, policies, or best practices. We want to make sure that there is a WAF and CDN in place. We abstract the origin addresses whether in data centers or public clouds (AWS or Digital Ocean). We provide malware scanners, off-server backups, and intrusion detection platforms. While accounts are tailored differently, we take a full-service approach to managing risk for each user. It’s why we’re known for more than just CMS hosting, but for providing PCI Compliant Hosting and meeting other best practices regardless of the platform upon which a website is built.
SD: What do you do to stay ahead of your competition?
DZ: Most providers in our space are focused on high volume and low support business models. When you try to do high volume, that leads to a very inflexible hosting environment and usually a very frustrating support experience. We take a different approach. We size out and architect the right environment for each user and provide a dedicated account manager. We manage, maintain, and monitor each account proactively. Our customers receive white-glove treatment, meaning that there is a team of people who work on a specific customer account and know intimately what’s happening within that environment for that customer. It’s a very high-effort and high-intensity hands-on approach.
SD: What do you think are the worst cyberthreats now that we’re living through this pandemic?
DZ: Just recently, Q4 2020, there was the largest attack on Magento sites in the shortest period of time thousands of Magento websites hacked in one weekend. The attack dubbed “Cardbleed” took advantage of an open admin resource. If you follow best practices, this endpoint should always be closed to public traffic, and our platform closes it by default. But thousands of sites out there had it open and were exploited. The attack resulted in many thousands of credit card numbers leaking. That’s the most recent attack of such magnitude that we’ve seen. Obviously, by the nature of the business, we are in touch with many cybersecurity firms that operate in the e-commerce space, and one founder mentioned anecdotally that the number of attacks has significantly increased since the start of the pandemic. We can speculate on the reasons behind this increase, but one thing is for certain, the numbers are not going down.