Are you guilty of delinquent web filtering? Follow these 3 tips to secure the web

Web filtering used to be rather easy – IT departments could block inappropriate categories of websites like adult, gambling, and perhaps social media, and the job was done.

More recently, however, cybercriminals have begun to infect large numbers of users on the web by compromising legitimate sites that you probably don’t want to block with strict browsing policies.

In fact, SophosLabs detects 20,000 to 40,000 malicious URLs every day – and 80% of those are compromised legitimate websites. Web filtering that only blocks dodgy sites won’t keep users safe from web-borne threats.

As Sophos global head of security research James Lyne explains in the short video below, cybercriminals can infect web users automatically via a drive-by download.

So how can you keep your users safe on the web, and also allow them to stay productive while doing their jobs?

Here are three tips for better web security.

1. In addition to a URL filtering solution that blocks known malicious sites, make sure you perform deep scanning of web traffic as it’s accessed to guard against compromised legitimate websites. Real-time reputation filtering protects you from new malicious websites as soon as they come online.

2. Make sure you’re protecting users when they’re outside your main office. A UTM can be a cost-effective way to provide protection at local sites. For at-home and traveling workers, use an endpoint security solution that integrates web policy enforcement and web content scanning directly into your laptops.

3. Keep your endpoints and software well-patched to protect against drive-by downloads that exploit vulnerable software and applications. Limit the number of Internet browsers, applications and plugins in your organization to a standardized set and enforce their use as policy.

7 Deadly IT Sins

Learn more about web security by checking out our 7 Deadly IT Sins website. It explains common security mistakes organizations make, and offers videos, whitepapers and other free resources to help you fix them.

2 Comments

Hi, we were in a school recently who are now a prospective customer as a result of our visit. However, they were never going to become a customer until this visit because our website was blocked and incorrectly classified as Games. The website is https://www.blippit.co.uk and is purely about education products for schools. Can you tell us if there is a way to re-categorise our website at a product level as there was with Lightspeed via online submission?
Thanks
John

Hi John, You can complete a reassessment request here: https://secure2.sophos.com/en-us/threat-center/reassessment-request.aspx
