Web Security requires a holistic approach in order to secure your organisation from the multitude of threats in today’s web 2.0 environment.
Good web security requires finding a balance between security and productivity, for example a financial services organisation would require very high security, granular web content control and data loss prevention technology whilst a College or University would focus on acceptable use filtering and reporting with the focus being more on productivity.
Below are the essential components required to form a comprehensive web security policy…
Web Productivity Control
The first decision when controlling web access should be based around the privileges of the individual user or group they are a member of and if the site is allowed within their policy at the time being requested.
Web Content Security
In todays environment allowing access to a legitimate sites such as general business, news, sports etc is necessary; however these and for that matter any high traffic website may harbour malware that can be executed just by visiting in whats know as ‘drive-by’ infections.
Data Loss Prevention
This is an extension of web content security and allows the IT Manager and Security Officer to determine sensitive information that must not leave the organisation.
With the advent of web 2.0 sites, users can easily upload information to a whole host of sites either accidentally or maliciously.
Web Reporting
In order to monitor the effectiveness of policies and audit transactions it’s essential that every web security solution has a comprehensive reporting facility.
All our solutions provide detailed reporting capabilities and we always aim to provide at least 3 months of live accessible data (usually 1 year) although for compliance reasons we have provided solutions with 7+ year’s data retention.
