Web Attacks

Block websites, not your users.

Modern web browsers have significantly evolved beyond their origin as a handy window into the internet. They are now effectively operating systems that run web-based applications and store your data. With just one flaw in an application or browser, an attacker can gain complete access to sensitive company information.

In today’s business environment, many integral tasks of an employee’s job are completed via the web, so you must find the balance between blocking the bad and keeping your workers humming along without run-arounds or timely delays.

The wrong way to protect against web attacks:

“Eliminating web threats is as easy as restricting certain online websites.”

The smarter way to protect against web attacks:

Preventing access to restricted websites is a good start, but additional strategy is necessary. Web browsers and social media platforms have become so robust and advanced their vulnerabilities are constant targets of malware authors. A good plan to defend against web threats includes a combination of web filtering, browser patching, smart management practices, a safe social media strategy and constant adjustments to changing threats.

How we approach web attacks

Web filtering with social media in mind
At a basic level, web filtering allows you to define categories for which sites are acceptable and which are not. But what to do about social media? Facebook, Twitter and LinkedIn can be extremely beneficial to businesses; however, they have become a prime target for attackers. While it is difficult to strike the right balance between taking advantage of social media and exposing yourself to the inherent danger, RJS offers a combination of technology and training to reduce risk to an acceptable level.

It’s not just websites … it’s the browser, too
By defining an organization-standard browser and associated plug-ins, you begin to regain control over your environment. Many attacks focus on additional modules like PDF, Flash and Java viewers so it is vital that a base version be defined and then kept fully-patched.

Management is key to a successful web defense strategy
One of the most useful features of a security solution is the ability to review and respond to incidents. This is particularly true for web protection. By reviewing reports, you can identify which employees are accessing certain sites and how much time they spend there. This enables you to help everyone focus on your organization’s goals through proper management of both technology and people.

The technology in our toolbox

  • Astaro Security Gateway
    Recently brought under the Sophos umbrella, Astaro’s Unified Threat Management (UTM) includes many features that provide deep protection for networks ranging from web filtering to firewall to VPN.
  • Smoothwall Guardian and Unified Threat Management
    Smoothwall provides powerful, easy-to-use software or hardware network security with integrated web and email protection.
  • Sophos Endpoint Protection Enterprise
    While there is no such thing as a “silver bullet” for security, Sophos combines numerous features to give web protection and inspection capabilities for different budgets.
  • Sophos Web Protection
    Sophos web protection provides category-based controls coupled with the anti-malware knowledge needed to counter this modern threat.
  • Sourcefire Next-Generation Firewall (NGFW)
    Sourcefire’s NGFW adds best-in-class threat prevention, as well as robust access and application control to advanced firewall capabilities.