By Brett Myroff, CEO of regional Sophos distributor, Sophos South Africa.
Spyware, viruses, worms, Trojans, adware, and other unwanted or unauthorised applications are not just an e-mail problem. They also infiltrate networks via Web browsing. Malicious or inappropriate websites and the significant impact that employees’ uncontrolled surfing of the Web can have on productivity and network bandwidth pose a significant threat to organisations.
Many organisations have no defences beyond their network firewall for inspecting Web traffic, and writers of malicious code capitalise on the often-overlooked and inadequate Web security within corporate networks. The objectives of malware writers are to steal confidential information or to establish botnets – networks of hijacked computers, or zombies, that are used to propagate spyware, viruses, spam and other threats. Infection is easy. Malicious code can be downloaded and installed without any visible clue, simply by visiting a website.
Potentially unwanted applications, such as adware and peer-to-peer programs, particularly popular and dangerous tools of the trade, are often used to install malware surreptitiously.
A checklist for effective Web security
What can businesses do to block this increasingly exploited vulnerability? And what should they be looking to implement?
A robust, useable Web security solution should comprise a URL filter to enforce an acceptable use policy. It should also provide a fast content scanner to protect against threats such as spyware, viruses, exploits, malicious code and unwanted applications. A policy framework that makes it easy to combine URL filtering and scanning for threats is a further consideration.
There is also a need for easy administrative tools for policy management and reporting, along with a confidence that the vendor will deploy up-to-date protection against any new threat instantly and reliably.
The current patchwork of solutions that is available has proven extremely difficult to implement and co-ordinate. Companies might have deployed a gateway anti-virus scanner or a URL filter but, working independently of each other, neither is proving effective at meeting the full range of requirements. Gateway anti-virus misses many of the new types of threats such as browser helper objects and drive-by downloads, and URL filtering technology typically lacks adequate coverage of security-related threats.
Maintaining several separate solutions for Web security not only introduces the need to tune multiple components; it also adds scanning latency and generally increases the total cost of ownership through an increase in acquisition and deployment costs and overall administrative burden.
Web traffic is being increasingly exploited for commercial gain, resulting in the loss of confidential information and the degradation of corporate networks. As a core business enabler, Web browsing requires as much security and protection as the e-mail gateway and endpoint.