Security policies should be defined for outbound connections as reported application problems rise

Companies should define security policies for outbound internet connections as tightly as they do for inbound, according to Network Box.

The vendor has claimed that applying the same stringent security controls to information leaving their network as they do to inbound information will have little or no impact on the end user but will have a huge impact on security.

After seeing a significant increase in requests from companies seeking help with blocking applications such as Skype or MSN in the last two months, the company claimed that the problem with blocking an application is that it will often find a way through a firewall – either using ‘tunnelling' software, or by searching through all available ports until it finds one open.

Network Box has advised companies to configure their firewalls to block all outbound connections except those to secure proxies, forcing all web access through a gateway security system. This will ensure web access complies with company policy, which can be adapted to suit individual users with specific business requirements.

Simon Heron, internet security analyst at Network Box, said: “Many companies still use a legacy approach of blocking all inbound ports except those known to be secure, but not applying the same to outbound. These days, companies are much more concerned with security breaches resulting from within the organisation.

“There are so many more applications we all use to connect from our PCs.  Applications such as Skype and IM can be useful business tools, but only if they are used within the framework of a company's overall security policy.”

See original article on scmagazineus.com