A Modern Approach to Protecting Against Web Threats

Today’s cyberattacks continue to grow in sophistication and scale as organizations face an uphill battle protecting a growing mobile workforce that uses multiple devices, accesses sensitive data remotely, and utilizes third-party cloud services. Not surprising, cyberattacks have been considered the fastest growing crime in the US. According to Cybersecurity Ventures, global cybercrime damages are expected to reach $6 Trillion USD this year, continue to grow by 15 percent per year, and reach $10.5 Trillion USD annually by 2025. Data breaches are not only costly but they significantly impact the bottom line of any organization, particularly around reputation and IP loss, which can be unrecoverable. In the wake of the Colonial Pipeline hack, even the White House issued a historic cybersecurity directive requiring agencies to adopt better security practices.

Many security practitioners are tasked with the daunting challenge of keeping their organization’s users, devices and applications secure as cyberattacks continue to become more pervasive and intelligent. IT teams are often hampered by traditional solutions that no longer address the security needs of today’s evolving perimeter-less and dispersed network because they lack the ability to protect users, applications, and devices in an agile manner. For example, with organizations adopting cloud-based solutions – such as Google Workspace, Salesforce, Office365, Box, etc. – and accessing these solutions over the public internet, attackers now have more initial points of compromise to begin their attacks.

A Blast from the Past
Traditionally offered as an on-premises solution, Secure Web Gateways (SWG) have been around for a while and are a staple in most security stacks. With the convergence of networking and security capabilities, SWGs logically became a key component in ensuring both secure and optimized internet browsing. Today, organizations looking to implement Secure Access Service Edge (SASE) need to consider SWG as an important piece to the puzzle for protecting users from web-based threats, all while ensuring that security policies are consistently applied and adherent to state and federal regulations.

The key weaknesses of on-premises SWGs are that they are not optimized for a modern workforce and require time and specialized resources to deploy, configure and manage. Traditional SWGs often share the common trait of being anchored to physical sites and security policy not being dynamically applied to access the risk of an access attempt. Also, because they are not able to extend protection to mobile devices and third-party cloud applications, traditional on-premises SWG provide very little visibility, control, or actionable analytics in a “work-from-anywhere” world.

Now Updated for Cloud
To address evolving IT landscapes and security needs, the next generation of Secure Web Gateways is cloud-native, cloud-delivered, and cloud optimized so that organizations can offer secure connectivity for all users over the internet regardless of location. Cloud SWGs are not tied to legacy appliances and offer an innovative set of security and networking capabilities in a flexible, elastic approach. As users connect to the public internet, a cloud SWG can help organizations by:

1. Blocking access to inappropriate websites to protect users against malicious threats on the web such as malware and phishing sites

2. Ensuring compliance with corporate, state, federal, or industry regulations

3. Identifying and containing potential and suspicious threats for analysis and reporting

4. Prioritizing security incidents to speed up time-to-resolution

Ensuring Data Security
The foundation of protecting web traffic is ensuring data integrity and privacy. Therefore, most of the traffic on the internet needs to be encrypted, and all cloud services need to leverage SSL or TLS encryption to protect user data from malicious actors. However, SWGs needs to be able to decrypt, inspection, and then re-encrypt all traffic to perform security checks that ensure the traffic is compliant with corporate policy.

Traffic to and from the internet introduces risks and modern SWGs should decrypt a data packet only once when performing security checks to minimize points of compromise. Every time a data packet is opened and inspected, there is a corresponding increase in both security risks and network latency. Modern SWGs need to be able to provide a comprehensive set of capabilities for security visibility and control to both on-premises and cloud resources in a single pass. This single pass decryption preserves data integrity, bolsters security hygiene, and optimizes connectivity.

How a Modern SWG Works
A SWG is a cloud service that is able to protect access from any device. When a user accesses the internet from their device, instead of connecting directly to a website, the user traffic is routed through the cloud-based SWG. Before allowing the requested access to traverse to the intended destination, the SWG performs a range of security checks to protect the organization from potential web threats, all while ensuring the access attempt is compliant with policy. As an example, these security checks should include URL and deep packet inspection, SSL/TLS decryption, malware prevention, content filtering, user authentication, application control, and more – all done in one pass. While the SWG is simultaneously performing these critical security checks, all application and traffic activity should be optimized so there is no latency or disruption to the end user experience.

A modern SWG is an important security function that organizations need to consider implementing as they begin their SASE journey. Key benefits can be realized, including preventing data leakage to the web, defending against attacks, controlling and authorizing user access, protecting mobile devices and gathering granular real-time web traffic analytics. Tightly integrated SASE solutions enable organizations to deploy SWG and other SASE functions selectively to start, and easily add on additional functions as they scale. Together, these cloud services provide enterprises with a secure architecture with context- aware, intent-based technologies, enforcing security no matter where devices, users and applications are located.

Featured

  • Maximizing Your Security Budget This Year

    7 Ways You Can Secure a High-Traffic Commercial Security Gate  

    Your commercial security gate is one of your most powerful tools to keep thieves off your property. Without a security gate, your commercial perimeter security plan is all for nothing. Read Now

  • Making Safety and Security Intrinsic to School Design

    Public anxieties about school safety are escalating across the country. According to a 2023 Gallup report, 44% of parents fear for their child’s physical safety at school, a 10 percentage-point increase since 2019. Unfortunately, these fears are likely to increase if the incidence of school tragedies continues to mount. As a result, school leaders are now charged with two non-negotiable responsibilities. The first, as always, is to ensure kids have what they need to learn, grow, and thrive. Sadly, their second responsibility is to keep the children in their care safe from threats and physical danger. Read Now

  • The Power of a Layered Approach to Safety

    In a perfect world, every school would have an unlimited budget to help secure their schools. In reality, schools must prioritize what budget they have while navigating the complexities surrounding school security and lockdown. Read Now

  • How a Security System Can Enhance Arena Safety and the Fan Experience

    Ensuring guests have both a memorable experience and a safe one is no small feat for your physical security team. Stadiums, ballparks, arenas, and other large event venues are increasingly leveraging new technologies to transform the fan experience and maintain a high level of security. The goal is to preserve the integrity and excitement of the event while enhancing security and remaining “behind the scenes.” Read Now

Featured Cybersecurity

Webinars

New Products

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3