Is your Web security solution fit enough for the Olympic Games?
After the G4S security fiasco earlier in the month, final security precautions are being made for the opening ceremony of the Olympic Games that will begin in a matter of hours.
The Government are not “leaving anything to chance” and are deploying an extra 1,200 troops, bringing the total to 12,200 armed forces personnel to carry out security checks at various Olympic venues.
With the Olympics being the largest sporting event ever held in the UK, and regarded by some as the second largest sporting event in the world, the level of security precautions is understandable, but with all the focus on physical security at the venues, are the digital security risks that could be felt globally being overlooked?
Over the past few months we have written a series of blog posts that outline some of the threats to organizations that could be caused by the Games.
It is imperative that organizations understand the potential risks caused by the Olympics and take the necessary precautions to prevent them, so below we have summarized the potential risks and precautions to take.
1. Maintaining Employee Productivity
With such an exciting few weeks of sport up ahead, it will be tempting (and dependent on your current Web filter, very easy!) for employees to watch the whole thing live on their computers when important tasks should be given their full attention instead. To maintain a high level of employee productivity, the first step is to re-visit your organization’s Acceptable Use Policy (AUP) to ensure it is up to date and covers emerging issues; social media, BYOD, streaming etc. A common mistake is that the AUP is only ever seen at an employee’s induction, and quickly forgotten about. Maybe it is time to give your staff a quick reminder about what is a Web browsing taboo, and what is acceptable?
But what about when an employee wishes to check the latest results or catch the men’s 100m final that happens to coincide with their lunch hour? Unlike legacy Web filters, a next-generation Web filter will go beyond simple allow or deny lists and give the administrator the ability to set certain times that a user group is allowed to access non-work related content. Another option is set a quota of personal browsing time that can be used up over the day, and when the quota is met, access to non-work related content will be suspended. This ensures that productivity is sustained, but when suitable, access to other content is available, keeping moral and productivity levels high.
An issue caused by the Olympics that may only apply to commuters in certain parts of the UK, but with the increasing use of mobile devices for work, managing remote working is a growing issue that is important to understand.
With tourists from around the world descending on the UK, mainly London, for the 7 weeks of the Paralympic and Olympic Games, there is to be an estimated extra three million journeys taking place daily in London. And for those of you who have visited London before, you should know how busy the city is, even at the quietest of times! To ease the pain of commuting for London-based employees, many organizations are allowing them to work from home while the Olympics’ disrupts popular commuter routes.
This could potentially cause many issues, including lowered productivity, and arguably more importantly, network security risks. Allowing unfiltered and unmonitored Web access can expose an organization’s network to a multitude of risks, so before allowing the use of mobile devices, make sure that your Web filter is deployable to filter Web access on off-network mobile devices. If the device is company owned, it may also be worth checking if your Web filter provider has a Web browsing app that directs any traffic (on- or off-network) back through the network to ensure browsing meets the organization’s AUP.
3. The Threat of Typosquatting
Some may laugh at the thought of compromising their network’s security by misspelling a URL, but it is in fact a very real threat. You may have previously been a victim of typosquatting, misspelling a web address and unexpectedly landing on a page that you didn’t intend to. Hopefully the page was completely innocent, but it is very common for these domains to harbor malicious sites with a virus that is waiting to be deployed to an unsuspecting Web user. With the beginning of the Olympics only days away, it is likely that there are a large number of these domains already registered, so what can you do to protect your network?
Typosquatting clearly highlights some of the limitations of relying on a URL database to categorize the pages your users are requesting. So deploying a Web filter that uses real-time content analysis is a smart move. That means that if the requested page contains content that you want to block, then it will be identified and your policy enforced. Secondly, making sure that you have enterprise grade security at your gateway which can block any malware from these sites before they reach your endpoints is a sensible precaution.
Hopefully this post has helped you better understand some of the potential network risks that may be caused by the Olympics, and how you can best prevent them. Please feel free to share this post on Twitter/LinkedIn/Google+/Facebook!
