The case for effective internet filtering

Powered by SC Magazine

A balance can be struck between enabling access to vast internet resources and providing controls to manage company risk.

Internet filtering affects almost all staff in every business. It is a challenge that affects many stakeholders, each with different requirements, and it normally falls to the information security team to interpret and implement them.

While the main business concerns of filtering relate to unacceptable material, productivity and malware risk reduction, a balance can be struck between enabling access to vast internet resources and providing controls to manage company risk.

The first two methods of controlling access and measuring utilisation are achieved easily through many of the current monitoring solutions in the market. This leaves the decision to be made about which types of sites to permit staff to access -- this could be those that are business-related or others considered acceptable for personal use -- and which sites to block to protect staff from unwanted and unacceptable material.

The amount of time staff spend online and the content they view are generally simple management issues. Security should be concerned about the content that is downloaded.

Category choices are clear and unambiguous for sites that are business related, result in productivity loss, consume large amounts of network bandwidth, or are malicious. Unfortunately, statistics show that all websites should be considered potentially hostile, and while providing access to the internet is not a challenge, facilitating monitoring, scanning and controlling inbound traffic is.

The greatest advantage of internet filtering technology is the ability to reduce risk by facilitating real-time malware scanning that diminishes the likelihood of malware infecting computers. The technology is complementary in the Defence in Depth strategy of network control, intrusion detection and desktop anti-malware. The real gain in risk reduction is not in monitoring ordinary network traffic, as this is easily achieved, but in interposing and scanning the encrypted SSL traffic entering the company’s network.

People have always been encouraged to trust in SSL encryption and ensure that communications are secure when transmitting sensitive information. With the interception and retransmission of encrypted traffic, it is essential that trust with the business and staff is maintained.

The importance of trust in the interception of SSL traffic is evident in the types of transactions it encrypts: collaboration, social media, email, and online finance and stocks. Therefore the security of the internet filtering system and the actions of staff maintaining it must be monitored and audited. This should be done by independent third parties outside of the security team if the bespoke critical trust is to be preserved.

Effective internet filtering provides the business and its staff with a wealth of online information and provides access to more resources while maintaining an acceptable level of risk.

The information security team are not the moral compass of the company, but enablers of business through considered and monitored access to networks and systems.

Gossman's 2010 security report:

Copyright © SC Magazine, Australia
