Firewalls, HTTPS and understanding encrypted threats – Has our security turned against us?

cyber-encryptionYou’re likely used by now to seeing the HTTPS prefix ahead of many of the domains you visit, whereas just a few years ago HTTP (Hyper Text Transfer Protocol) would have been the norm. You only have to take a look at the address bar for this very site and there you have it, along with that trusty little padlock.

As the acronym suggests, HTTPS is simply an extension to HTTP which facilitates secure communication over a computer network (yep, it’s that simple, the S does just stand for secure!). Based on, and secured by, Secure Sockets Layer (SSL) technology – well, Transport Layer Security (TLS) nowadays but the SSL tag has stuck – it is now widely used on the internet to facilitate secure web browsing.

So, what’s not to like? Within the world of cyber security the adoption by websites of the HTTPS protocol has been pretty much universally accepted as a positive move. And we’re not going to argue with that, it is most definitely a good thing.

However, as the title of this blog suggests, we do have one major concern related to the prevalence of the HTTPS protocol now and it relates to the firewalls that just about every business uses to secure their network.

The problem is that HTTPS has introduced a level of security that means many firewalls can’t actually filter the traffic secured by it because the content is not accessible. Essentially, HTTPS is doing its job. But firewalls that may have been in place for many years now can’t do theirs and for a business this means one thing, vulnerability. This is the dark side of HTTPS and cyber criminals are already leveraging encrypted traffic to disguise malicious attacks.

Some may say that this is just a consequence of individual’s security online being safeguarded, which businesses must deal with. But when that individual is an employee of a business and their activity online threatens the network and data assets of that employer, surely the business has not just the right but the responsibility to do something about it?

Here at DCS, we think this is indeed the case. Businesses have a responsibility to their customers, employees and all they hold data on (especially post-GDPR implementation) to maintain the security and integrity of their network infrastructure. This is why, working with our longstanding partners Sonicwall, we now offer and deploy next-generation firewall technology, capable of filtering HTTPS content, to our customers.

Amongst the customers we have rolled this technology out to already, the number one issue we’ve found has actually been awareness of the potential vulnerabilities associated with HTTPS traffic, something that prompted the writing of this article. Many businesses may not be aware of this new security weakness, ironically introduced by advancements in online security, but once they are then most can see something has to be done.

However, we have also had concerns raised by clients in relation to the privacy of their staff and the impact that a roll out of this technology could have on the bond of trust between employer and employee. It’s a valid point, and one that’s probably a little more nuanced than the blanket interpretation we alluded to earlier in this article that a business has a right to inspect all activity on their network.

Sonicwall_WP_frontDon’t get us wrong, the business probably does have that right but many will choose to waive this when it comes to certain types of data and traffic. That’s why the Sonicwall solutions we provide are capable of being set up and working with exemptions on traffic from the likes of banking and healthcare websites, a feature we will always highlight to customers and one that has been universally deployed up until now.

As always, we believe that by understanding the nature of the threat, we are capable of introducing a robust and appropriate defence against it.

To find out more on this subject contact the cyber security experts at DCS or click here to download an exclusive Sonicwall white paper on understanding encrypted threats.

Related Posts
Sage 200 support – the importance of getting the best service

Sage 200 support services have become something of a hot topic in recent months with significant changes taking place within the specialist Sage 200 business partner community. Whether it be through acquisitions, mergers or closures the Sage 200 support landscape has been altered and finding the right partner for your business can be a challenge. As we know,...

Read More...
Sage 200 – Your business’s competitive edge

The 2016 summer of sport has unfortunately come to an end but what a few months it’s been as Rio de Janeiro put on the greatest show on Earth when the Olympics and Paralympics came to town. The World’s top athletes convened in the Brazilian city to compete at the pinnacle of their sport and...

Read More...
Think before you Cloud…

The last decade in information technology has been dominated by one thing – The Cloud. It’s a terms that gets thrown about liberally in the media, by tech companies and by IT consumers themselves. With this being the case most of us could be excused for feeling a little “Cloud-fatigued” (I’ll admit it, this writer...

Read More...



dcs_new_icon

Subscribe to the DCS Solutions Newsletter

Join our mailing list to receive the latest news, views and updates from our team.

You have Successfully Subscribed!

Request a FREE consultation