As Google pushes for greater security across the Internet through HTTPS encryption, unprepared businesses are ironically left MORE vulnerable to cyber attacks through encrypted traffic.
In case you haven’t heard, Google is attempting to enhance security across the World Wide Web by pushing for all websites on the Internet to be encrypted. They started internally by making sure that users of Google services like Search, Gmail and Drive gain a secure connection to Google by default. In order to coerce the masses into following suit, Google has announced that encryption will now be a factor in ranking sites within its search algorithms. As a result, those webmasters concerned with Search Engine Optimization (in other words, all of them) will be looking to encrypt their sites in droves. The particular vehicle for encryption that Google has keyed in on is HTTPS.
Hyper Text Transfer Protocol Secure (HTTPS)
As Hyper Text Transfer Protocol (HTTP) is the basic set of rules that define how information is transmitted over the web, HTTPS results from adding a Secure Sockets Layer (SSL)—a protocol that uses a cryptographic system to keep data sent over the Internet private. That way, if a data transmission is somehow hijacked, the pilfered information is encrypted and unreadable.
Depending on which browser you’re using, you can tell when your connection to any website is secure by simply looking up at the address bar. You’ll notice that the URL begins with “https” and you should see some sort of icon resembling a lock. The address bar itself—or a portion of it—may also be green. You can actually click on the lock icon to check out the details of the website’s security. You should notice this when making any type of payment over the web, as credit card data should only be entered over an encrypted connection.
A Security Nightmare?
A World Wide Web full of secure websites should be a good thing, right? I mean, data protection is a major concern for businesses worldwide—particularly for organizations that must remain in compliance with government regulations in this regard. Not to mention, SSL certification also serves as a form of identity verification, in that it authenticates the validity of a particular website. In other words, they are who they say they are.
But there’s a dark side to this discussion that few have talked about. Google’s push for greater security through encryption across the Internet ironically leaves a great number of businesses more vulnerable to potentially damaging threats.
Let me explain. A company’s first (and sometimes only) line of defense against security threats—such as viruses, Trojans, rootkits, exploits and botnets to name a few—is a firewall. A traditional firewall inspects the packets of electronic data that travel in or out of a network or workstation, and applies a specified set of rules that it was given during configuration. If the data passes inspection, it freely moves along towards its intended recipient; if not, it gets blocked by the firewall. You can think of a firewall as a sort of data “bouncer” that decides whether or not to let a data packet into the club (the network), based on the perceived threat that the packet may cause trouble.
When traffic is unencrypted, a firewall is very effective in protecting the network from a threat embedded in the data. The firewall opens up the data packet, identifies the threat, and blocks the data from passing, end of story. But here’s where the problem lies:
Firewalls are not effective against encrypted data.
Sit back and take that in for a second, because it’s something of a dirty little industry secret. If a threat is hidden inside of an encrypted data packet, a traditional firewall can’t look inside that packet to see if danger lurks within.
80% Of Companies in Danger
A recent Gartner survey backed this up with the following statistic: “Less than 20% of organizations with a firewall, an Intrusion Prevention System (IPS) or a Unified Threat Management (UTM) appliance decrypt inbound or outbound SSL traffic.” In other words, over 80% of organizations with these safeguards in place are left vulnerable to attack through encryption.
With Google’s announcement, the amount of encrypted traffic is going to steadily increase; as will the potential for disaster. Webmasters aren’t the only ones altering their methods to conform with Google’s push for encryption across the Internet. So are the bad guys. As more applications and websites move towards encryption, hackers see more opportunity to mask their shenanigans from company firewalls and Unified Threat Management tools.
A Viable Solution
But amidst the darkness, there IS a practical solution: It’s called DPI-SSL, and it’s a feature available on Dell SonicWALL Next-Generation Firewalls, offered through Data-Tech.
Let’s break down the terminology. DPI stands for Deep Packet Inspection. It’s an advanced form of packet inspection that probes far deeper into a data packet than conventional inspection. This allows the firewall to better examine the packets for threats before permitting them access to the network. Next-Generation firewalls incorporate DPI along with additional filtering functionalities to provide far more intensive inspection and greater overall security than a traditional firewall. DPI does not, however, apply to encrypted data.
Deep Packet Inspection of Secure Socket Layer (DPI-SSL) on the other hand, takes Dell SonicWALL’s DPI technology to the next level by allowing the firewall to open and inspect encrypted traffic. With DPI-SSL activated, the traffic is decrypted, scanned, security inspection is applied, content filtering and data leakage policies are enforced, and the encrypted applications are controlled. This all happens without introducing any latency (i.e. delays) into the network.
Incorporating DPI-SSL is a relatively simple fix to combat a steadily increasing threat of disaster.
A New Level of Security and Productivity
In addition to the obvious security advantages for organizations that employ DPI-SSL technology, further benefits exist in the way of content filtering. Loopholes occur within many content filtering systems when web traffic becomes encrypted, allowing employees to access social media or view content or images that should be prohibited by company policy. If the firewall can’t see what the traffic is, it can’t discern whether or not it should be blocked.
DPI-SSL allows a company to close these loopholes and provide a safe and compliant web browsing experience for users on the network. Not only does this minimize the opportunity for employees to invite threats into the system, it keeps them from “cyberloafing” on company time.
With the announcement that technology giant Google will now use encryption as a factor in organic search rankings, websites that adopt https are quickly multiplying. The irony is, by taking this step to make the Internet a more secure medium as a whole, Google’s leaving both businesses and individuals more vulnerable to potentially crippling threats from unscrupulous individuals looking for new ways to attack corporate networks.
“It’s a challenging time for those in charge of protecting a company’s network and its data,” says Social Media and Community Professional Jason Cobb of Dell. “This has been made even more challenging by the rapid adoption of encrypted web communications. Without the ability to inspect encrypted traffic, the security solutions you deploy are only effective against the traffic that is not encrypted. When you consider the average network has 40% of its traffic encrypted, with that rate dramatically rising every year, you can see how many companies are ill prepared to deal with this emerging threat.”
By employing Dell SonicWALL’s DPI-SSL technology, offered through Data-Tech’s Firewall as a Service solution, organizations can effectively protect their networks against threats masked behind both secure and non-secure avenues.
Data-Tech is dedicated to providing superior solutions precisely tailored to your technological needs. We employ highly skilled professionals in the industry to implement our solutions in order to ensure you receive the service level you deserve. Data-Tech offers a broad selection of computer services that are available as pre-defined solutions or à la carte. Whatever you need—Computer IT Services, Managed IT Services, Cloud Services, Telephony & Cabling, VoIP, Data Hosting, Healthcare IT Management, Disaster Recovery and Backup and Business Continuity needs—Data-Tech will accept nothing less than your total 100% satisfaction.
© Copyright 2015 Data-Tech. All Rights Reserved. www.datatechitp.com