 |
|
|
| INFORMATION |
| Published : |
Nov 01, 2007 |
| Length : |
14 |
| Type : |
White Paper |
|
| |
|
|
| Overview : |
Web 2.0 brings Threat 2.0. The web is changing fast from a one-way medium for ‘brochure-ware’ to a highly interactive, sophisticated and increasingly mission-critical platform. The new, ‘Web 2.0’ applications – from social networking to tagging, blogging and presence-aware services like IM – reflect the new web-enabled relationships forming between individuals and enterprises.
But each new development of the web brings with it a new species of parasite. Spyware, adware, keyloggers, blogspam and IM viruses seem to sprout up within days of any new trend. Clearly, it’s never been more important to protect your enterprise from the hazards of uninhibited browsing.
This short guide summarizes ten steps to web security. Do them all, and you’ll be better protected than 98% of enterprises out there. But the target never stands still. More than the steps listed here, it’s important to focus on the principles behind the steps, including: policy, vigilance, simplification, automation and transparency. Putting these principles into action starts with the steps listed here. |
|
 |
|
| |
| View All Items By This Company |
| Browse Related Categories : |
Internet Security, Security |
|
|
|
|
|
Policy, policy and policy. All web security must start with policy.
_ Policy focuses your attention – on the things you need to stop and the things you’re happy to allow
_ Policy drives up compliance – when everyone understands what’s unacceptable, responsible web use becomes the norm
_ Policy enforces fairness – by making the rules clear to all
_ Policy facilitates prosecution – of the guilty and defense against regulations demanding due diligence
It’s not difficult: create a sensible policy; make sure everyone understands and agrees with it; and enforce it with technology at every gateway.
MIMEsweeper web security products enforce your web security policy by filtering all web traffic in both directions. Any traffic that breaches policy is automatically blocked and a report or alert is generated. Now fine tune the policy.
When it comes to policy, one size does not fit all. Your policy should reflect the way you do business. A music company may allow all MP3 files while an engineering department may need to upload and download CAD files.
For most companies, these basic web rules are fairly fundamental:
_ Block viruses
_ Prevent and log Spyware call home activity
_ Disable executables
_ Only allow ActiveX from trusted sites
_ Forbid intolerant content (e.g. racial, sexual or religious discrimination)
_ Prevent access to inappropriate sites (e.g. porn and gambling sites)
_ Inhibit loss of confidential or sensitive data
After this kind of thing, policy becomes highly tailored. You may want to allow certain departments or individuals specific privileges while denying them to the rest of the organization. Or you may want to set times of day when certain activities are allowed (e.g. web shopping during lunch breaks). Or identify specific files that must never be uploaded or sent out through webmail.
The point is this: your policy should dictate your technology, not the other way around. If your filtering tools don’t let you do what you want to do, find better tools.
MIMEsweeper offers the most granular policy management in the industry. We pioneered policy-based content security and still lead the way. Attack spyware from multiple angles. Spyware is one of the more insidious (and annoying) web hazards. Fight it from three directions:
_ Stop it at the gateway – with automated filtering and spyware profiling
_ Stop it at the desktop – by scanning regularly to eradicated embedded spyware
_ Stop it ‘calling home’ – so newly installed spyware can’t get back to base for instructions
The MIMEsweeper Web Appliance uses Aluria spyware profiles to stop spyware at the gateway. Spyware downloads and call-homes are blocked by the MIMEsweeper Web Appliance using Aluria’s anti-spyware and the award-winning MIMEsweeper content filtering technology. Block undesirable URLs.
Millions of dubious websites spring up daily. You can’t keep track of them all. But we can.
Use a comprehensive URL filter to block whichever kind of sites your policy demands – including gambling, pornography, remote proxies, hate site, or webmail.
You can supplement the filter with a blacklist of your own, or be able to make exemptions with a whitelist. MIMEsweeper web security solutions include one of the world’s most comprehensive URL Filters, cataloguing over 18 million URLs and 2 billion web pages into 40 distinct categories. You decide what to allow and prohibit. We keep the database up-to-date.
|
|
|
|
 |
|
