Just browsing to a dubious website from in unprotected environment can result in downloading of malware on to your PC and it spreading across your network to other users and servers. So being careful about where users browse is an important component in keeping safe. Controlling internet browsing access for individual users or groups of users, by employing filtering techniques has proved highly successful for many types of organisations large and small.
Some simpler firewall security devices including ISP routers claim to undertake some form of internet filtering or content screening. In today’s internet climate where most sites including social media use HTTPS encryption from individual PC all the way through to the hosting web server – it is essential for filtering products and services to be able to decrypt traffic, then undertake the required filtering checks, re-encrypt the traffic and send it on its way – or block the user from viewing the site if the content violates the organisation’s filtering policy. Simpler devices do not have the intelligence or power to conduct this type of HTTPS checking.
Internet Filtering – Security and Productivity Benefits
NetPilot’s SoHoBlue employs a number of filtering mechanisms for browser traffic. These can limit which sites PC users can browse in several different ways and there are three main benefits that this offers the organisation. Firstly users and the network are less likely to be infected by malware. Secondly, websites that are inappropriate or illegal cannot be visited and finally social media sites that are proven to be a great distraction to some are not available during business hours via the organisation’s network. By focusing workers on business related internet use – traffic is reduced and response times improved.
Allow Lists (also known as White Lists) can be used very effectively in a business situation providing both security and productivity benefits.
In organisations where individuals or groups of users only need focused access to a restricted list of maybe up to fifty sites for business use – Allow Lists are ideal. For example in a Solicitor’s Practice, those conducting conveyancing tasks will need access to the Land Registry and Banking sites, those in Litigation will need differing access say to CPS and Legal reference sites but the total combined number of sites that users would normally ever visit for business needs is probably less than 50 and conveniently most of these will not vary over time. Those attempting to go to websites outside the Allow List will be blocked. However, users will have the option of asking their administrator for increased access to allow browsing of other business related sites.
Allow Lists as simple as they are undoubtedly provide far greater security than any attempts at high-tech intelligent scanning of website content or employing Block Lists (also known as Black Lists). However, some users will require far more unrestricted internet access to that described above – but along with greater access does come greater risk. Happily intelligent filtering systems can mitigate the security risks.
Custom block lists can be created on most intelligent security devices but because of the speed of change and introduction of new sites it is generally recognised that Block Lists need to be professionally created and maintained by Filtering Service Providers. The Block Lists provided by these services are huge and are constantly updated.
NetPilot’s SoHoBlue can utilise a number of differing filtering services, the most popular being Smartfilter. With this service, websites are divided into some 90 plus categories and approximately 20 of which are usually blocked for all professional and conventional businesses. These categories include: Porn, Hate or Discrimination, Gambling, Gore, Weapons, Phishing, Malicious, and Anonymising services. Typically all these categories would be blocked for all users within an organisation and the remainder would be blocked according to the organisation’s business or acceptable use policies. For example there are categories of sites that relate to Smoking and also Alcohol. For many organisations there are no business reasons why their staff would visit such sites. However, if your business involves these products then you would want to allow these categories – so the system is totally flexible and configurable to match your needs. It is also flexible enough to block or allow categories for individual users or groups of users.
Additional tools from Microsoft and Google – and attempts to bypass filtering!
Both Bing and Google provide the means to set a ‘SafeSearch’ option on individual PCs to block what Microsoft and Google deem to be undesirable sites or images. However, these options can be switched off. SoHoBlue implements the means to force these settings ON for individuals, groups of users or for the whole organisation.
One of the early methods used to get around filtering systems was not to browse directly to the desired site, but to go initially to an intermediary website service known as a proxy to anonymise the browser to both the filtering system and to the end service being accessed. These bypass attempts can be blocked in a number of ways by SoHoBlue.
Anti-Virus Filtering at the Gateway to the Internet
Most organisations will implement an Anti-Virus solution of some type on each of their PCs. Often these vary – often being installed with some special offer when the PC was purchased and some even being free software. The result is often a patchy collection of differing software from different companies with licenses expiring at different times, sadly low numbers of AV scans being performed on PCs and questionable status of AV signature updates on each PC. A worrying and potentially insecure mess!
It is important to have properly conducted Anti-Virus checking on each PC and this does need to be addressed. However, one solution to adding stronger AV defences for the whole organisation in one straightforward step, is to implement another layer of AV checking by using SoHoBlue at the gateway between your network and the internet. SoHoBlue is automatically updated many times per day with the latest signatures of the latest emerging viruses. It can be configured to check all incoming and outgoing emails and check all browsing sessions for malware. So between the two layers of AV checking the organisation is considerably more secure.