Before jumping into the relevance of Web content filtering, I would like to start with broader trends we are seeing in the field of computing. Today, we are living in a world that is largely interconnected and breaks boundaries of organizations, industries, countries and even continents. These live interconnections are facilitating us in many ways, such as fast and easy collaboration around the world through social media, rapid developments and deployments of solutions through cloud computing and deep reaches to end consumers through mobile.
However, along with these benefits, we are also getting threats from the wider exposure we now have in the global community, where malicious hackers are hidden throughout. Malicious codes delivered through unsafe websites are one of the most common ways for hackers to plant their agents inside our machines. While the benefits of the Internet’s open communication and knowledge base are numerous, there is a large possibility that any normal user (and, at times, even smart technocrats) can be trapped by these hackers.
Web content filtering, one of the key constituents for cybersecurity controls for any organization, plays a very important role in this scenario. There are various approaches and solutions available to achieve this technical control on any end user’s machine. Each one has its own benefits and drawbacks. These solutions are divided into two broad categories: inline Web filtering and endpoint-based Web filtering.
Inline Web Filtering
Inline Web filtering is the technique in which the control is installed at the Internet gateway to the organization, which intercepts all Internet traffic and applies applicable filtering policies to allow or block Web access requests. These solutions do not require any component of the application to be installed at the endpoint.
Because of this, such solutions are commonly used in many organizations. This saves organizations from expending effort by managing endpoints to implement Web-filtering solutions. Since any Internet request has to pass through the Internet gateways, this solution has been very effective for many organizations. This not only saves organizations bandwidth, but also significantly addresses cybersecurity risks. For securing activities happening from within organizational boundaries these solutions are very important and effective.
At the same time, with a considerable shift from a traditional office-based work culture to work-from-anywhere practices, this approach has posed significant challenges to many organizations. As long as employees are working from office premises, the endpoint is protected by inline filtering. However, when they connect from any outside company gateway (such as their home, hotel or any public network), their Internet access is completely open.
Though companies may not bother with bandwidth usage when employees are not inside their network, there is still a great cybersecurity risk of infection. Carrying the infected machine inside the corporate network later makes the entire intranet vulnerable to infections. Outside corporate boundaries the only control an organization can have is the endpoint itself, as there is no guarantee about the level of protection from those external networks. Because of this, organizations are seriously considering endpoint based web filtering solutions to complement their network based protections.
Endpoint-Based Web Filtering
Endpoint-based Web filtering provides a solution to the emerging problem of protecting an endpoint from Internet-bound infections regardless of the gateway it connects to. This type of solution requires a piece of software be present in the machine itself, which receives a predefined filtering policy from the central server (an intranet gateway- or cloud-based server).
In this case, the endpoint receives policy updates at a predefined interval and applies the policy from the local system. This way, Web filtering will always be active, no matter which gateway the machine is connecting through. This type of solution effectively and significantly mitigates a malware infection risk, but at the cost of additional efforts of rolling out the software to all the endpoints.
The cost of endpoint deployment has been significantly reduced by effective and automated software deployment tools available today. This makes such solutions more attractive to organizations when they have to protect end points which connecting from a non-secure gateways.
Web Content Filtering
Another significant advantage of an endpoint-based solution is its ability to address individuals’ privacy concerns, regulations for which have been quickly emerging around the world. The endpoint-based approach, by its design, can provide a fairly nonintrusive solution to address underlying concerns related to individuals’ personal privacy. Since all filtering is applied at the endpoint itself, it is possible to keep all browsing pattern information within the boundaries of the machine. These regulations are very stringent in many European countries and are becoming a norm for many other countries, as well.
A good mix of these two web filtering approach can be very effective in today’s time where, at the one hand, we see a significant increase in cyber threats, at the other hand, we are strategically shifting our day-to-day activities and operations to less secured off-premises gateways.
Program Manager – Regulatory Compliance & Cyber Security