Web security is an often neglected yet essential part of developing any web application. It is estimated that businesses lose annually 11.5 billion dollars to cyber attacks and this amount is expected to grow. Having a secured application is more important than ever. There are plenty of web security controls that can be implemented to prevent the risks created by web access.
Below is a list of activities that will help improve any organization’s web security.
Web filtering, while being a subset of web security, is in itself quite broad and there are various controls one can put in place to secure an environment, including:
Despite being basic and not very effective, keyword based filtering can be an option for a first line of defence, although the downside is that it can cause a large number of false positives and false negatives.
More effective and efficient than keyword filtering, category filtering allows you to decide the type of sites that are allowed or blocked.
While most web categorization companies cover a large number of sites, it is important to remember that new sites are being created all the time, some of which may be pretty obscure. These new and obscure sites might not be categorized when an employee visits them and thus you need an extra layer of security to cater for such cases. Beyond simple obscurity, just because a site belongs to a certain category it doesn’t make it safe, and this is where reputation comes into play. Category-based filtering adds good value to your web security measures but together with reputation makes it much more effective.
There are a number of benefits when you monitor different aspects of your network and system, such as:
In all cases of monitoring you are ultimately looking for anomalies, therefore monitoring bandwidth can actually provide security benefits. For example, if you see a bandwidth usage spike during the weekend, when no outgoing bandwidth traffic is expected, it is a clear indication of malware running on your network.
While having employees occasionally attempt to access prohibited sites is expected, if this happens frequently it’s important to look into the reasons why. It could be a sign that policies are too restrictive; however, it could also mean that an employee is trying to access prohibited content such as copyrighted material or hacking tools.
There are many controls that one could use to ensure that files being transferred in and out of the organization are safe. Some of these methods include:
Blocking file types and File Identification
Denying certain files, such as documents and spreadsheets, from leaving the company can help maintain confidentiality. Likewise, denying executables can protect against malware. Obviously for this to work your web security solution needs to be able to identify the real file type of any file. If web security is simply based on the file extension, then circumventing this is simple thus rendering the policy ineffective.
Checking files for viruses
Whenever a file is downloaded it is important that it is checked for viruses before allowing the employee to access the file.
Any good web security solution will provide most, if not all, of the functionality required to implement each one of the suggestions above, substantially boosting an organization’s level of web security.
The advice above is the tip of the iceberg in terms of improving security. If the organization is large, a more hands-on approach is needed and following a reputable secure development training is recommended to tackle the on-going threats you may face.