Firewalls, HTTPS and understanding encrypted threats – Has our security turned against us?

cyber-encryptionYou’re likely used by now to seeing the HTTPS prefix ahead of many of the domains you visit, whereas just a few years ago HTTP (Hyper Text Transfer Protocol) would have been the norm. You only have to take a look at the address bar for this very site and there you have it, along with that trusty little padlock.

As the acronym suggests, HTTPS is simply an extension to HTTP which facilitates secure communication over a computer network (yep, it’s that simple, the S does just stand for secure!). Based on, and secured by, Secure Sockets Layer (SSL) technology – well, Transport Layer Security (TLS) nowadays but the SSL tag has stuck – it is now widely used on the internet to facilitate secure web browsing.

So, what’s not to like? Within the world of cyber security the adoption by websites of the HTTPS protocol has been pretty much universally accepted as a positive move. And we’re not going to argue with that, it is most definitely a good thing.

However, as the title of this blog suggests, we do have one major concern related to the prevalence of the HTTPS protocol now and it relates to the firewalls that just about every business uses to secure their network.

The problem is that HTTPS has introduced a level of security that means many firewalls can’t actually filter the traffic secured by it because the content is not accessible. Essentially, HTTPS is doing its job. But firewalls that may have been in place for many years now can’t do theirs and for a business this means one thing, vulnerability. This is the dark side of HTTPS and cyber criminals are already leveraging encrypted traffic to disguise malicious attacks.

Some may say that this is just a consequence of individual’s security online being safeguarded, which businesses must deal with. But when that individual is an employee of a business and their activity online threatens the network and data assets of that employer, surely the business has not just the right but the responsibility to do something about it?

Here at DCS, we think this is indeed the case. Businesses have a responsibility to their customers, employees and all they hold data on (especially post-GDPR implementation) to maintain the security and integrity of their network infrastructure. This is why, working with our longstanding partners Sonicwall, we now offer and deploy next-generation firewall technology, capable of filtering HTTPS content, to our customers.

Amongst the customers we have rolled this technology out to already, the number one issue we’ve found has actually been awareness of the potential vulnerabilities associated with HTTPS traffic, something that prompted the writing of this article. Many businesses may not be aware of this new security weakness, ironically introduced by advancements in online security, but once they are then most can see something has to be done.

However, we have also had concerns raised by clients in relation to the privacy of their staff and the impact that a roll out of this technology could have on the bond of trust between employer and employee. It’s a valid point, and one that’s probably a little more nuanced than the blanket interpretation we alluded to earlier in this article that a business has a right to inspect all activity on their network.

Sonicwall_WP_frontDon’t get us wrong, the business probably does have that right but many will choose to waive this when it comes to certain types of data and traffic. That’s why the Sonicwall solutions we provide are capable of being set up and working with exemptions on traffic from the likes of banking and healthcare websites, a feature we will always highlight to customers and one that has been universally deployed up until now.

As always, we believe that by understanding the nature of the threat, we are capable of introducing a robust and appropriate defence against it.

To find out more on this subject contact the cyber security experts at DCS or click here to download an exclusive Sonicwall white paper on understanding encrypted threats.

Related Posts
Season’s greetings from DCS! Here’s our festive opening hours this year…

There’s not long to go now until the Christmas festivities arrive and with them the associated business wind down that sweeps the country each year. 2018 has been a massively busy year for DCS with so many new customers coming on board, major implementation and upgrade projects being taken live and our portfolio of technology...

Read More...
Twenty Years of SAP Business One

Unless we’re talking about the birth of solar systems or the creation of the continents, most people would agree that twenty years is a relatively long time. In the worlds of technology and software though it’s a length of time during which things can change beyond all recognition, an epoch if we’re sticking with the...

Read More...
Discover the fresh new look of Sage 200…

If you’ve been keeping up with recent dcs news you’ll have noticed that the release of the 2015 version of Sage 200 has been a hot topic with this latest iteration of the popular ERP system billed as the strongest since the solution first hit the market ten years ago. To access the complete Sage 200 2015...

Read More...



dcs_new_icon

Subscribe to the DCS Solutions Newsletter

Join our mailing list to receive the latest news, views and updates from our team.

You have Successfully Subscribed!