The case for effective internet filtering

Powered by SC Magazine
 

A balance can be struck between enabling access to vast internet resources and providing controls to manage company risk.

Internet filtering affects almost all staff in every business. It is a challenge that affects many stakeholders who each have different requirements and normally falls to the information security team to interpret and implement.

While the main business concerns of filtering relate to unacceptable material, productivity and malware risk reduction, a balance can be struck between enabling access to vast internet resources and providing controls to manage company risk.

The first two methods of controlling access and measuring utilisation are achieved easily through many of the current monitoring solutions in the market. This leaves the decision to be made about which types of sites to permit staff to access -- this could be those that are business-related or others considered acceptable for personal use -- and which sites to block to protect staff from unwanted and unacceptable material.

The amount of time staff spend online and the content they view are generally simple management issues. Security should be concerned about the content that is downloaded.

Category choices are clear and unambiguous for sites that are business related, result in productivity loss, consume large amounts of network bandwidth, or are malicious. Unfortunately, statistics show that all websites should be considered potentially hostile and while providing access to the internet is not a challenge, facilitating monitoring, scanning and controlling inbound traffic is.

The greatest advantage of internet filtering technology is the ability to reduce risk by facilitating real-time malware scanning that diminishes the likelihood of malware infecting computers. The technology is complementary in the Defence in Depth strategy of network control, intrusion detection and desktop anti-malware. The real gain in risk reduction is not in monitoring ordinary network traffic, as this is easily achieved, but in interposing and scanning the encrypted SSL traffic entering the company’s network.

People have always been encouraged to trust in SSL encryption and ensure that communications are secure when transmitting sensitive information. With the interception and retransmission of encrypted traffic, it is essential that trust with the business and staff is maintained.

The important of trust in the interception of SSL traffic is evident in the types of transactions it encrypts:  collaboration, social media, email, and online finance and stocks. Therefore the security of the internet filtering system and the actions of staff maintaining it must be monitored and audited. This should be done by independent third parties outside of the security team if the bespoke critical trust is preserved.

Effective internet filtering provides the business and its staff with a wealth of online information and provides access to more resources while maintaining an acceptable level of risk.

The information security team are not the moral compass of the company, but enablers of business through considered and monitored access to networks and systems.

Gossman's 2010 security report: http://bit.ly/d5qblT

Copyright © SC Magazine, Australia


The case for effective internet filtering
 
 
 
Top Stories
ATO shaves $4m off IT contractor panel
Reform cuts admin burden, introduces KPIs.
 
Turnbull introduces data retention legislation
Still no definition of metadata to be stored.
 
Crime Commission prepares core systems overhaul
Will replace 30 year-old national criminal database.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  27%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  21%
 
End user computing (desktops, mobiles, apps)
  14%
 
Software development
  25%
TOTAL VOTES: 433

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  54%
 
No
  46%
TOTAL VOTES: 208

Vote