In a controlled environment where everyone needs a unique username and password to access the network, it's much easier for network administrators to filter content. Company-wide policies exist to stop users from accessing content that doesn't relate to productivity. With wireless access points, it's much more difficult to audit, track and block content. Wireless access points can be attacked by anyone within proximity or even outside of the office, and publicly accessible hotspots have one username and password used by potentially hundreds of users. It's these wireless access points that must be filtered and controlled to protect data and network integrity.
Because there is much more anonymity with a wireless access point, attackers use these locations to identify vulnerabilities either within the local network or on other Internet servers. These vulnerabilities could be a brute-forced router password or malware injection on poorly secured servers. Some vulnerabilities aren't even the wireless access point owner's responsibility. Attackers use similar hotspot names to trick users into connecting to a malicious connection. Any website that does not have encryption (HTTPS) enabled leaves users vulnerable to MitM attacks. If users don't have a VPN connection, any plain text content is vulnerable to MitM attacks.
Phishing is a common method for data collection. The attacker can use your wireless connection to both send these phishing emails and collect data from an anonymous location. Should the attack trigger an investigation, your network access point would be the site for an attack. Using wireless hotspots, an attacker can maintain anonymity while stealing thousands of records.
Poorly secured wireless networks are also vulnerable to malware. If an attacker is able to gain access to the router or another workstation connected to the network, malware can be used to spread more malware, launch a phishing attack, or even infect vulnerable routers with botnet applications. With an infected router, your wireless network could be a part of a botnet that causes severe downtime for the Internet as a whole. Infected routers and IoT devices were the root cause of an attack on Dyn, a major provider of DNS services. This extraordinary attack is thought to have involved 100,000 malicious endpoints, the attack left the Internet in several countries slow and some sites inaccessible.
To protect wireless connections, web filtering stops malicious content from being downloaded either by unsuspecting users or attackers. Web content filtering is common with internal networks where network administrators block specifically prohibited content, but it's much rarer on public Wi-Fi access points. Even if a wireless connection should only be accessible by authorized users, it's still vulnerable to drive-by attackers capable of breaking poor encryption algorithms or phishing authentication credentials.
Web filtering can be done a couple of ways, but the most effective is DNS-layer content filtering. Instead of relying on a categorized list of domain names, DNS-layered web filtering uses the DNS lookup process required for all Internet applications and sites. Every browser performs a lookup that matches the fully qualified domain name (FQDN) with its server IP address. This IP address is what's used by the browser to contact the application server and download web content.
In traditional web filtering, content isn't blocked until it's downloaded to the browser. With DNS-layer filtering, content is stopped during the DNS lookup process. This stops attackers from finding ways to trick users into clicking links with malicious content that bypasses traditional web content filtering using alternative URLs. DNS-layer filtering is also easier to configure without the need for permissions and integration of content filtering with several different operating systems. Since the DNS lookup process happens the same for every browser and every operating system, it can work seamlessly with any network environment.
By implementing content filtering on wireless connections, attackers can no longer use it for malicious purposes putting the business at risk of legal investigations. For users, it also stops them from downloading malicious content whether it comes from a phishing email or a link found on the open Internet.
For administrators, web content filtering during a DNS lookup also reduces the amount of bandwidth used on the wireless network. Since content is never downloaded, bandwidth used to download content is reserved for legitimate content. If your wireless network is currently used for malicious purposes, prohibiting content will noticeably speed up legitimate traffic and save on bandwidth costs.
Providing bulletproof security for wireless customers can be challenging, but with DNS-layer web filtering, much of the content and attack vectors are blocked with little intervention. This type of security on a wireless connection reduces staff overhead and gives administrators the freedom to work on more important network maintenance issues. If you haven't switched to DNS filtering, one common myth is that it's too difficult and not worth the effort. This is a misconception and in fact, a single configuration change has you protected without any extra administrative work. DNS filtering is much easier to work with than traditional web filtering software. It's time to make the switch and make your web filtering more secure, efficient and fast.
TitanHQ sets the standards for cloud-based web security, delivering a range of cloud security services that protect business email, IT infrastructure, compliance, and data integrity. With new threat variants emerging daily, businesses have realized they don’t have the IT skills or budget to continually invest time and money to fight them. However, dedicated cloud security services such as WebTitan Cloud DNS filtering can devote experienced security personnel and massive processing power to fighting these emerging threats.
Talk to a specialist or Email us at email@example.com with any questions.
Sign-up for email updates...
Call us on USA +1 813 304 2544 or IRL +353 91 545555Contact Us