Granting web access to employees poses challenges to IT administrators in a number of ways and introduces unique security risks. Even as companies have perfected their security techniques to guard against network intrusion, hackers and data thieves have devised new ways to deliver payloads of malware, luring network users to pull in the infected packages during everyday web transactions. Unrestricted web access can also drain network resources and open unwanted communication channels through instant messaging and peer-to-peer software exchanges. To combat the problems associated with web access, many small- to mid-sized businesses (SMBs) are recognizing the advantages of an all-in-one solution as implemented in a secure web gateway.
Nothing stands still on the Internet. From the time the first packet made the transit from one lab to another, the infrastructure that fostered the Internet and gave birth to the World Wide Web has been undergoing steady, progressive change. Such is also the case for web security. IT administrators tasked with giving their organizations the communication benefits of a global network, while countering a steady succession of evolving threats, know that the phrase "eternal vigilance" is more than empty rhetoric. Threats are countered, and new threats arise. Small- to mid-sized businesses in particular may lack the internal expertise to identify and cope with the latest concerns in the rapidly changing security landscape.
Adapting to the changing nature of security threats requires first identifying the paths of greatest risk, the types of transactions prone to theft or exposure, and the potential mechanisms by which hackers or intruders might gain access. An equally relevant concern is identifying and preventing the activities by which insiders might abuse network resources, access information that is legally prohibited by age or policy, or inadvertently expose other network users to circulating viruses or malware. The effectiveness of a web security solution can be measured by success in accomplishing these goals in a manner that does not disrupt daily business operations or place an undue burden on the organization’s staff members, partners, or customer base.
The Internet has become vital to a broadening spectrum of business operations, but with the increased growth of worldwide networking, businesses face an expanding range of threats and vulnerabilities that, if left unchecked, can negate the advantages of an open business model. Anyone who has been involved in IT management or administration has undoubtedly noted that the technologies designed to counter network vulnerabilities are, by necessity, constantly changing to cope with the inventiveness of data thieves and hackers attempting to breach security measures. The viability of the network itself also faces internal risks, from the downloading of software that contains viruses or worms to the network slowdowns that result from excessive traffic associated with file-sharing sites and peer-to-peer exchanges.
One shift in hacker techniques that has been gaining more attention is “drive-by malware”, a practice by which network users infect the network with their browsing activities. This tactic emerged when network security measures became more sophisticated at repelling denial-of-service attacks and similar techniques aimed at breaching a network through brute force.
Now, hackers are increasingly focused on luring network users into performing activities, such as clicking on a link to access an e-card or simply navigating to a malicious web page that contains code designed to distribute worms, viruses, spyware, or malware. (See our previous blog entry on this, pertaining to social networking sites.)
Another emerging problem stems from the proliferation of instant messaging (IM) and peer-to-peer (P2P) software applications. Fraudsters using security holes in Voice-over-IP communication tools, such as Skype, sometimes create problems with phony chargebacks and compromised business practices. These kinds of communications among a company’s employees can be difficult or impossible to regulate without some form of central control over web traffic.
Users often feel they have the right to install any applications they want on their work computers, regardless of company policies or practices. While some IM/P2P applications can provide useful business value to a company, IT administrators need a means to regulate and control user access in a centrally managed way. Applications that are deemed off limits should be blocked, and applications that offer business value and are used for legitimate purposes by staff members should be freely accessible.
For example, many companies take advantage of BitTorrent to exchange large files or software downloads. In such a case, administrators need a mechanism to allow employees legitimate access to BitTorrent, while blocking other applications that are deemed risky or inappropriate.
Web access for staff members is a mixed blessing for small- to mid-sized companies. The same channel through which employees can perform market research, investigate trends, communicate globally with partners and customers, and generate sales leads can be a potential network-clogging traffic generator.
Employees who engage in activities that result in large volumes of data being funneled through network resources can disrupt operations with higher priorities. While social and business networking, Voice-over-IP, streaming video access, peer-to-peer file sharing, and similar kinds of web access can have legitimate business applications, if unrestricted they can usurp network resources best devoted to other uses.
The popularity of these types of web applications has risen substantially, presenting one more challenge to IT administrators whose ultimate responsibility is the balanced use of available network bandwidth. In the past, central mechanisms for throttling back bandwidth for less-important applications were primarily available to enterprise-scale organizations. Newer solutions, however, appropriate to small- and mid-sized businesses, are addressing this requirement in response to the boosts in network traffic that can be directly attributed to certain kinds of web applications (which often have both business and personal uses).
IT administrators often lack the tools and technology to perform oversight of web access transactions throughout the organization, risking the opening of numerous additional threat scenarios and unwanted communication channels that breach normal firewall protection. While solutions that install on client computing devices can provide a measure of protection, these solutions are difficult to track and administer. And yes, security mechanisms inside routers or other equipment prove to be insufficient. Across an organization that may contain large numbers of individual computers, or even a relatively small number, an administrator trying to enforce installation of the latest patches or software updates to ensure current security coverage faces an almost impossible, ongoing struggle.
Employees are known to sometimes circumvent existing protection by disabling security software or ignoring administrative requests to regularly download patches and updates.
The best way to counter the diverse range of threats associated with web access is to consolidate the necessary functionality in a gateway-based, all-in-one solution that works in concert with the existing firewall. The IT administrator immediately gains oversight and control of the web traffic, inbound and outbound, and can selectively install filters, monitors, and throttling controls to regulate traffic in a safe, orderly, system-wide manner.
Unlike their larger business brethren, small- to mid-sized businesses often lack an extensive internal staff devoted to security issues. The same personnel tasked with responding to support issues from end users often have to evaluate and deploy the security solutions used by the company, as well as maintain the security hardware and software in place. Complicated security measures that require individual monitoring of user configurations or determining whether current patches have been installed for browsers, anti-virus software, and personal firewalls are difficult to monitor and keep up to date. While these kinds of protections are useful, and in many cases necessary, it is equally important to have an effective first line of defense, a means of taking the traditional firewall protection and bolstering it through additional tools that provide comprehensive web security.
IT administrators who implement an all-in-one web security solution gain distinct advantages over more costly and complex single-function web-filtering solutions. Having a single point of control over web access and usage achieves a number of benefits:
- Effective malware protection: the threat vectors introduced by malware, spyware, viruses, worms, and other threats can be mitigated through a robust first line of defense.
- Reduced costs: a centrally managed appliance for web security reduces IT management tasks and simplifies routine maintenance and upgrades.
- Legal compliance: companies can block access to inappropriate or illegal web content to comply with internal policies and legal mandates.
- Increased productivity: employees won’t be surfing non-business sites during business hours, which also lowers the risk of infection from malware obtained through questionable sites. Other non-productive activities, such as taxing the network with inappropriate bit streaming, can also be eliminated.
To cope with emerging categories of security threats—such as web-based attacks that exploit vulnerabilities at both the user and the server level—IT administrators need easily deployable solutions that offer comprehensive protection.
Because the appropriate level of expertise and the IT security resources may not be available in a typical small- to mid-sized business, those organizations will be especially attracted to an appliance-based web security gateway that provides the means to implement cost-effective, easy-to-deploy protections and network-use controls in a centrally managed solution. This approach enhances traditional security measures while affording protection against contemporary and emerging threats.
An all-in-one approach to web security offers simplified management, more consistent security across the network, more opportunities for precisely controlling web application usage within a company, and a reduction in exposure to emerging web-based security threats.