Top Five Security Best Practices For Web Gateways

Online security will remain a top concern for both individuals and corporations throughout 2009 and beyond. Here are a few ways to protect your vital data from increasingly sophisticated malware and network attacks:

1. Join a community watch

Overwhelming malware threats in popular and trusted websites have changed the security defense game. Now users are united into community watch systems hosted in cloud services to protect each other. When one person detects malware in Web content, their request updates the community watch and allows the cloud service to protect all members. The community watch sees more Web content than any one entity and has more defenses and resources to leverage than a single entity. Try community watch protection at home for free. Get started now at www.k9webprotection.com.

2. Change your ‘one against the Web’ defense

Your existing Web gateway alone cannot compete against criminal computing grids that profit from data theft and continually expand their reach and technical sophistication. Your Web gateway alone cannot match the collective knowledge that exposes malware, Web threats and new Web content from multiple sites. Signature defenses and daily updates are outdated forms of protection. Instead, your Web gateway should adopt a hybrid design by using community watch services for protection in numbers with five-minute updates. Leverage the large-scale defense maintained by more than 50 million users.

More from Biztech

Future Group - Reliance Retail Deal approved by CCI RBI ban on cryptocurrencies takes effect; prohibition could force investors to tap the black market

3. Update your policies from productivity to protection

If your Web gateway is more than a year old, it was most likely deployed to increase user productivity by blocking objectionable and unproductive websites. However, with more than 90 percent of malware coming from trusted and popular websites, the Web is now the leading infection point. Many popular sites suffer from injection attacks that lead to transparent malware downloads from unrated hosts. Most Web gateway policies designed to increase user productivity allow access to unrated hosts and downloads. To increase protection, Web gateway policies need to change to block downloads from unrated hosts and sites with suspicious reputations, thus closing an access path for malware.

4. Leverage real-time Web rating services

Web content is generally filtered using methodologies that use daily updates to static URL lists at customer sites. However, no URL filtering list provides a rating for all Web content, nor can URL lists keep up with frequent Web content changes and newly published content, as well as update categories every few minutes. For new Web content, a real-time rating service extends the value of a URL filtering solution. Also, the real-time rating service extends its value to remote users, thus providing on-the-fly Web content ratings to enforce acceptable use policies at the Web gateway and remote laptops.

5. Protect your remote users

De-parameterisation protects users in remote locations such as airports, hotels, coffee shops and homes. As laptop purchases continue to outpace the desktop market, the number of remote users will continue to increase. Therefore, network design goals must expand to include more remote users outside of the Web gateway. Adding a client agent tied into a community watch from a cloud service can help better protect remote users. Centralised policy management can provide further protection with Web content filtering and malware blocking of known hosts detected by the community watch defense.

Young is VP-Sales, Asia Pacific, Blue Coat Systems.