While many organisations focus on the obvious security vulnerabilities in their businesses such as network perimeters, there is one vulnerability that constantly gets overlooked: outbound data.
That's the word according to Brennan IT, which says that outbound communications is the more important part of the security equation.
Dayle Wilson, general manager, operations, Brennan IT, said, “The industry has done a good job educating businesses about the importance of preventing inbound attacks. What's misunderstood generally is the importance of outbound data. When businesses consider security, they must do so from both an inbound and an outbound perspective,” comments Brennan IT's general manager of operations, Dayle Wilson.
He believes that the inbound perimeter protection might be good, but most networks are still likely to be breached. So how do organisations control the damage? Contain it and prevent the attacker from conducting outbound communications.
“It's those outbound communications that let the hacker download the payload, whether that's a piece of malware or ransomware. By blocking that outbound communication, the business can stop the cybercriminal from downloading that payload, rendering the attack useless,” he says.
The problem comes when organisations don't really understand how to prevent outbound communications. That prevents them from putting strong security measures in place. Proxy servers are one way to block outbound traffic.
Wilson says that most organisations are reluctant to use proxy servers because they can block access to access websites such as non-business related sites and Facebook.
“The impact on the user experience attracts a lot of complaints, so IT managers often open up a port here or there so users can access their favourite sites. This defeats the purpose of the proxy server, which can be an extremely effective way to protect a company's data both in the cloud and on-premise,” he says.
“Organisations need to remember that protecting outbound communication is the single most important aspect of neutralising attacks. Implementing a transparent proxy server is the most effective way to do that,” he concludes.