03 February 2012

9 Reasons to Enforce Web Security within the Organization

Considering the wide range of malicious content threatening your users, implementing strong web security within the organization is a crucial part of any defense-in-depth strategy. Web security doesn’t have to mean blocking your users’ access to the Internet, but it does mean protecting them from the types of threats they will encounter every day. Here’s a rundown of the top nine threats that are there to help you understand the importance of strong web security. Some of these are threats to your users; others are threats to their productivity. All are things web security can help you protect against.

1.Compromised sites hosting malware
Every day you can read about sites that have been compromised by attackers. Hacked sites hosting malware are a common way to spread the damage to hundreds or thousands of others very quickly. Strong web security can protect your users by blocking access to compromised sites, and by scanning any downloads for malware.

2.Cross-site scripting attacks
Cross-site scripting can steal credentials, direct users to sites specifically hosting malware, and worse. Web security can detect when an XSS is attempted and protect users from the effects.

It’s common for people to register domains that are either misspelled, or simple one-offs from other sites to try to get traffic from users’ typos. Sometimes these sites simply have aggressive sales content; other times they are set up to look like the real site to fool users. Either way, web security can prevent this all too common mistake from doing damage.

4.Phishing sites
Phishing emails almost always include links to sites, where the real damage can be done. Web security can block access to these phishing sites.

5.Adult content
The last thing you need is an HR issue to deal with because someone clicked the wrong link in some search results. Web security can enforce the acceptable use policy, preventing both the intentional and accidental violations from occurring.

6.Controversial content
Adult content is not the only risk; political and religious sites may not be appropriate for users to access while at work and web security can ensure that Internet access is business appropriate.

7.Time sinks
If you have ever surfed the web, you have probably experienced the time loss that comes from a planned 30 second check-in that becomes a 30 minute catch up with what else is going on. “Just one more click…” can cost your company hours of lost productivity. Web security doesn’t have to block all personal Internet access; it can permit that within reasonable time limits.

8.Bandwidth hogs
One Internet audio stream may seem like it uses an insignificant amount of bandwidth, but with everyone streaming music, your pipe can quickly become clogged. Web security can monitor and identify the major bandwidth users, or block access to streaming media completely to save that bandwidth for important things, like customer orders.

9.Copyright violations
If a user downloads a pirated movie from your network, you could face liability. Web security can block access to these download sites, and block torrents and peer-to-peer sharing so you don’t worry about C&D letters or lawsuits.

With strong web security protection technology in place, you protect your users, your infrastructure, your data and, ultimately, your company. Look at web security as a critical component of your information security strategy.

This post was provided by Casper Manes on behalf of GFI Software Ltd.