Story image

It's not all about the network: How to protect your outbound data

01 May 17

While many organisations focus on the obvious security vulnerabilities in their businesses such as network perimeters, there is one vulnerability that constantly gets overlooked: outbound data.

That’s the word according to Brennan IT, which says that outbound communications is the more important part of the security equation.

Dayle Wilson, general manager, operations, Brennan IT, said, “The industry has done a good job educating businesses about the importance of preventing inbound attacks. What’s misunderstood generally is the importance of outbound data. When businesses consider security, they must do so from both an inbound and an outbound perspective,” comments Brennan IT’s general manager of operations, Dayle Wilson.

He believes that the inbound perimeter protection might be good, but most networks are still likely to be breached. So how do organisations control the damage? Contain it and prevent the attacker from conducting outbound communications.

“It’s those outbound communications that let the hacker download the payload, whether that’s a piece of malware or ransomware. By blocking that outbound communication, the business can stop the cybercriminal from downloading that payload, rendering the attack useless,” he says.

The problem comes when organisations don’t really understand how to prevent outbound communications. That prevents them from putting strong security measures in place. Proxy servers are one way to block outbound traffic.

Wilson says that most organisations are reluctant to use proxy servers because they can block access to access websites such as non-business related sites and Facebook.

“The impact on the user experience attracts a lot of complaints, so IT managers often open up a port here or there so users can access their favourite sites. This defeats the purpose of the proxy server, which can be an extremely effective way to protect a company’s data both in the cloud and on-premise,” he says.

“Organisations need to remember that protecting outbound communication is the single most important aspect of neutralising attacks. Implementing a transparent proxy server is the most effective way to do that,” he concludes.

How to stay safe when shopping online
Online shopping is a great way to avoid the crowds – but there are risks.
Dell EMC embeds security in latest servers
Dell EMC's 14th generation of PowerEdge servers has comprehensive management tools to provide security across hardware and firmware.
Why data backups should be a part of daily operations
"Disaster recovery needs to address complete system failure and provide a set of security policies to govern disaster incidents."
Businesses focusing on threats from within - survey
Over 50% of respondents reported that 100 days of dwell time or more was representative of their organisation.
Corelight and Exabeam partner to improve network monitoring
The combination of lateral movement and siloed usage of point security products leaves many security teams vulnerable to compromise.
SailPoint releases first identity annual report
SailPoint’s research found that many organisations are lacking maturity in their governance processes over identities.
Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.