Let’s talk about applications risks.  Internet applications are becoming a threat vectors for the new generation of spyware, viruses and other malware. Many of these applications use evasive tactics to escape detection which includes hiding in encrypted SSL tunnels.  Again, traditional firewalls cannot see inside the encrypted payload therefore, missing the attack completely.  The only thing you can do is block port 443 (SSL).  Unfortunately, blocking port 443 can impact business critical applications that also use SSL to encrypt their content.

The other risk to organizations today is sensitive information leaving the network undetected.  For example: Credit Card & Social Security numbers, Confidential information sent through public Webmail accounts, Lost or Stolen information by undetected malware or bots.  These are just a few examples.

The truth is, most applications — good or bad — carry some level of risk that can result in loss of confidential information.  A recent report by the Ponemon Group surveyed users from 193 organizations and found that 33% of them have already experienced this problem from using Internet applications.  Even more shocking, about 45% of these users continued using the same applications.  No change in their behavior!

So many apps and so many risks, yet so little visibility and control.  This is why “It’s Time to Fix the Firewall”.

Share on Facebook