Wash your content clean - and stay safe
Pornographic pictures, gambling, looking for a new job, playing games, shopping, booking a holiday or weekend away, entertainment - is this what you are paying staff to spend their time on at work?
Do you know what your staff are looking at over the Web? If so, is this still the case when the traffic is encrypted? Can you audit this data and make it available to management through a forensic archive? Can you create policies by individual users to restrict what they can and cannot look at? Are you able to protect your network from nasty executables being downloaded by accident from Web sessions? In short, do you have control of your business?
If you are not sure, you need Webwasher to control exactly what staff can and cannot access on the Web, and you need Cryoserver to forensically audit and archive every transaction they undertake. These two building blocks from the within the Condyn Security Framework enable organisations of all sizes to protect their networks, staff and business from misuse, abuse and malicious attacks.
More and more organisations today are implementing the technology needed to protect the most utilised and critical form of business communication - e-mail. Increasingly it is understood that threats including viruses, spam, phishing and spyware can cause significant damage to a business as well as incurring avoidable costs, but many still fail to take seriously the risks that ordinary Web traffic presents.
Pornography and `adult` content, infotainment and entertainment, recruitment and inappropriate sites of all types can seriously damage not only productivity and efficiency, but also an organisation`s reputation, opening it up to legal and regulatory risks. Web access can be an open door intentionally and unknowingly in and out of networks unless controlled.
Dr Horst Joepen, the Vice-President for Strategic Accounts at Secure Computing Corp, highlights that this severe lack of Web security means, with today`s active Web content technologies and browsers executing these technologies, even a simple click on a harmless looking link can be sufficient to make a desktop part of a zombie network and hand over control to the attacker.
Analysts estimate that only between 20% to 40% of companies are protecting their Web traffic with some kind of Web filtering or content security management product.
"Over 50% of all companies are leaving themselves wide open to intruders getting into their network or employees to misuse the network to send out confidential information or visit non-business-related Web sites from the workplace," said Stuart Winter, Condyn`s Sales Director.
"Limiting your Web traffic to non-active or unencrypted content is also no longer an option as many Web-enabled applications including Web catalogues, Web-based ordering systems and even Web mail interfaces are now all making heavy use of such facilities, which makes active and encrypted content both an increasingly vital reality and a real headache."
But there are other considerations too, he notes. "Hackers are security-sensitive and prefer a secure channel for their attacks. So much so that over 70% of all Web traffic-based attacks are using HTTPS (SSL encrypted HTTP). In the same way insiders also prefer encrypted channels when trying to bypass corporate policies. So what can you do?"
Secure Computing`s Webwasher product suite was first in the market to offer an SSL scanner as part of a highly scalable, integrated solution. It is capable of decrypting, redirecting for inspection and then re-encrypting all HTTPS traffic, both inbound and outbound. As a useful addition to enforce compliance it also has a certificate-checking capability which allows restricting HTTPS access only to sites with trusted and valid certificates.
Andre Grove, Condyn`s Product Director, says: "To be able to document and prove compliance with legislation as well as with corporate policy, reporting is as important as the filtering/blocking functionality itself."
Webwasher Content Reporter can be used to generate comprehensive reports about events which have been logged by Webwasher and a variety of other products like firewalls. Because of its database architecture, it can produce a large variety of summary reports as well as supporting individual drill down forensic analysis.
"It can be used to give clear answers on questions like `did employee X access Web page Y at a given date and time?` and track down even single events which have occurred within terabytes of Internet traffic," he noted.
Oliver March, an IT Security Specialist at Condyn, highlights how essential it is to combine the Webwasher secure content management solution from Secure Computing with the forensic archiving and retrieval solution from Cryoserver in order to be able to fulfil regulatory obligations.
"The Webwasher solution deals with any attempted intrusion entering or leaving the organisation through HTTP / HTTPS, the Cryoserver solution then provides an `evidence` audit trail of what was actually searched for. In this way an organisation can comprehensively manage both internal and external compliance issues."
Chris Jolly, Chief Technical Architect for Cryoserver, explains that Cryoserver`s forensic approach to e-mail compliance is unique and is now being applied to other forms of digital communication. "We have an extensible framework for storing and indexing documents and metadata so we can now accommodate IM, soon HTTP (by the end of 2006), as well as voice and other messaging technologies such as SMS. Cryoserver`s distributed architecture enables us to address the challenge of performance and scalability in a heterogeneous digital communication infrastructure."
Where traditionally an organisation would employ a simple storage management or e-mail archiving solution, interest in Cryoserver is exploding, due to the fact that neither of these legacy approaches can cope with the rigorous demands being placed on organisations to ensure all of their messaging streams are fully monitored, managed and forensically viewable. Cryoserver stores `messages` such as e-mail and IM which are sent to, from and around the organisation. This data, stored in a tamperproof appliance which protects the information from being altered, creates an audit that can be used evidentially in court.
Because of the nature and architecture of the solution it makes it quick and simple to search through the stored archive to retrieve information based on a user`s wide range of search criteria. While an individual can search all their own records, a privileged user can do a search across all data within the archive. However, whenever a privileged user undertakes a search on an individual, the search is audited by a data guardian, this data guardian is notified of the details of the search, who carried out the search and for what reasons.
With Cryoserver in place you are not only providing state of the art and strong protection of your company`s most valuable information assets being sent by e-mail, it also provides peace of mind to the IT organisation and allows it to focus on providing higher business value to the company.