Proxy (Secure Web Gateways)

Our latest Client migration was a 180-seat organisation who traditionally had always been on premise based. Sceptical of the “cloud” and the merits of migration, the move to Office 365 was predicated on their exchange environment being due for a technical refresh and a business decision needed to be made against investment in new physical hardware versus the potential of any cost savings when migrating to Office 365.

So, you are a network admin, in charge of a small to medium size IT environment. Endpoint management is key to keeping the network functioning as it should, Anti-Virus is installed, Anti-Malware is installed and you have a healthy patch management utility that keeps all machine OS’s (including Servers) up-to date.

You may be using on prem exchange, Office 365 or Gmail for business. Your information security policy (ISP) is up to date and staff have all signed it to confirm they will comply with how the IT network is to be utilised. You carry out random phishing experiments on a quarterly basis to understand if staff have headed the warnings about trusting email and web content that they may receive or utilise on a daily basis. These phishing experiments tie in nicely to the education you provide twice yearly to all staff based on the latest internet threats that exist or that they could be subjected to.

Technology Installed:

The Scope

The reality of the situation is you might be undertaking some of these best practice elements, but not all. Irrespective of what you are undertaking currently, the fact of the matter is you are in part reliant on your staff member making the “right call” when presented with a situation or circumstance.

You might have staff that travel. They may utilise free WIFI or “open” networks to create a VPN tunnel back to the corporate network for access to systems and or documents that are on the network.

The corporate device they are using to connect might be an image that allows browsing the internet off of the domain, how can you further safeguard the endpoint in circumstances such as this and when that device is on the corporate domain either remotely via VPN or locally within the network.

The resolution

It’s difficult to mitigate all potential risks on a network at any given time, however extra levels of protection do exist, whether the user is connected on the network or not.
Secure Web Gateways come in many different guises, agent and browser driven, but are now becoming essential in the protection of endpoints and ultimately the network estate. Phishing activities are becoming more of a threat and ever sophisticated in relation to their look and feel and the way they are executed.

More worryingly is the “personalisation” of these activities which adds significant authenticity to the request.

Outside of just Phishing attempts is the security wraparound in relation to how SWG’s can examine the potential payloads within email such as embedded links, the ability to identify profanity within emails, and the ability to recognise certain images that otherwise your users should not be subject to.

Add this type of email protection combined with web protection to guard against users accessing web content that they should not – non validated URL’s, potential URL’s with payloads, sexual and violent web content, then a SWG starts to become an attractive additional protection method against aspects that are not in a network admins control, that being human error and or human misjudgement.

Download Proxy (Secure Web Gateways) Services Overview