Tag: dns filtering

What is Continuous Authentication?

Technology users today are spoilt for choice when it comes to the types of devices and the variety of platforms through which they can stay connected to work and social groups. They can access their accounts from simply anywhere and at any time, as long as they can authenticate their identities.

However, the process of authentication as we know it has remained largely static – the user provides the system with their credentials at the time of access, the system matches it against its database of user data and provides the user access to the network on successfully validating their credentials.

Continuous authentication brings in a new approach to network security, and the reception it has received goes to show the importance companies attach to their security today. Continuous authentication can help your organization protect itself from ‘session imposters’ who try to take over sessions which are open even after the employee is done using them. It also helps you protect your network from credential stuffing attacks and phishing.

What is Continuous Authentication?

In continuous authentication, users are rated based on ‘authentication scores’ which aim to determine, based on user behavior, if the user is actually who he/she is claiming to be. With advanced algorithms which are fast becoming smart enough to understand human behavior, networks can essentially monitor user behavior to determine a user’s authenticity. 

For example, in a banking application, if the security solution detects an anomaly in user behavior, it can prompt a logout or request for additional information like fingerprint or password to ensure that the account is used only by the designated person.

Continuous authentication has become powerful enough to analyze information from the various sensors of smartphones and other devices to monitor the pressure on the keypad, the amount of time being spent on an application etc. 

With certain continuous authentication solutions, organizations can also assign restrictions based on tolerable risk by specifying the minimum confidence score and factors like a user’s location or time of the access request. 

When you implement a continuous authentication solution, think in terms of acceptable risk and context – certain applications in your network might need lower authentication scores than other, more critical, applications. 

While planning to deploy a continuous authentication system, it is also important to ensure that it is compatible with your existing security solution and covers all the areas of your organization’s network.

We understand that cybersecurity is becoming more fluid and security solutions are becoming more powerful and customizable. Akku’s DNS filtering and geolocation features can be used to score your users, and this information can be used to continuously authenticate them. To know more about how we can help you, get in touch with us now.

DNS Filters for a Safe, Compliant, Productive Workplace

 

Domain Name System (DNS) is an addressing system used by the internet through which domain names are located and translated into internet protocol (IP) addresses. When a user attempts to access a website through an internet browser, a DNS query is performed. The DNS server matches the request to the respective IP address of the domain and responds to the query by loading the requested web page on the user’s browser.

So what is DNS Filtering? It is a technique by which access to specific websites, web pages, or IP addresses, can be blocked or permitted. If a DNS filter is in place, the IP address being returned from the DNS server will be checked before it is permitted to load on the user’s browser. Therefore, DNS filtering ensures that the user is protected from online threats like viruses, malware, ransomware, and so on. DNS web filtering can also be used to block inappropriate websites and web pages that the user may be searching for, especially at the workplace.

Continue reading DNS Filters for a Safe, Compliant, Productive Workplace

Safer Interactions with the Internet through a Web Application Firewall

The internet represents a revolutionary step forward in the way data is stored and accessed, and in the way business is done. Most enterprises make use of user-friendly websites or web applications which allow their users to interact and transact.

But allowing users to seamlessly interact with your server and database presents some problems too. Primary among them is that it is difficult to differentiate between genuine users and hackers.

This is where a Web Application Firewall (WAF) comes in. A WAF allows you to protect your servers from online attacks on the internet.

For instance, there may be several nodes or entry points into your network, which security threats from the internet can penetrate. A robust security solution should ensure that these individual layers or nodes stay uniformly protected. Even if one of the layers is compromised, the impact of the breach could be severe. But micromanaging the security of every node in your network is time-consuming and invariably increases the latency of system operations.

A Web Application Firewall (WAF) can help you ensure the security of your network by monitoring and controlling all the HTTP conversations that your systems have with the internet.

What is a WAF and how does it work?

A Web Application Firewall comprises a set of instructions or protocols which have to be adhered to when using web-based applications. It protects your network and servers from websites whose scripts could be infected with malicious code intended to breach your security and access your data.

While using web applications, your searches and actions are considered client requests. These requests are processed by proxy servers which are kept in place to protect the client system. The proxy server receives the correct response from remote servers and transmits the data back to you.

A WAF acts a reverse proxy which protects your servers from attacks. It is an intermediary layer between the client and server, which makes it seem like the response is forwarded by an actual proxy server.

Website Filtering using WAF

A robust WAF comes with advanced DNS filtering features which examine every request from your network and send back only relevant and secure results. In addition to providing a layer of security to your servers and filtering websites based on its security loops, an effective web filtering solution should also simply allow you to blacklist websites because they could be irrelevant to the work done by your employees. Unmoderated internet access can have serious repercussions in terms of productivity drain.

Akku from CloudNow Technologies is a comprehensive solution to all your website filtering needs. It is a cloud-based web filtering software which allows you to specify which domains need to be blocked, for any reason – especially security or productivity concerns.

Addressing Challenges in Implementing “The Use of Company Property” policy at a Leading Insurance Company

Company X is a leading insurance company which provides laptops to all employees for their work, regardless of their grade in the organization’s hierarchy.

The company has deployed a gateway firewall, incorporated with a DNS filter to blacklist or whitelist access to certain websites. In this manner, users are denied access to malicious websites, and threats due to unauthorized website use is prevented while users are within the office network.

How DNS Filtering Works?

Whenever a user makes an internet search, a request is passed on to the network through an IP. However, when DNS filtering is implemented in an organization, the relevant web page is redirected to the firewall where the restrictions are verified. If it has been blacklisted, access to the webpage is blocked.

Loophole Causing Security Concern

When more and more users beginning to work from home or work while travelling using the laptops provided by the company, Company X began facing new security concerns.

Although the firewall’s DNS filter was effective when users were within the office network, the user’s laptops were outside of the firewall’s reach. This meant that users could access any site or download any software without any restrictions, exposing the company-owned devices (COD) at risk due to unauthorized websites. This, in turn, threatened to compromise both the devices and the data stored in them.

It also made the devices non-compliant to the Company Owned Device (COD) policy.

Prognosis

The DNS filtering rules set by the company no longer applied when users took their devices outside their network and firewall. Addressing this issue, CloudNow’s Identity and Access Management (IAM) solution was deployed. With its website filtering feature, maintaining DNS filter rules was made possible, even outside the firewall.

With Akku, requests made by users to access any website goes through its DNS filter, which checks for restrictions and blocks unauthorized web pages. Here, the router acts only as the connecting bridge to the internet. This makes it possible to maintain website blocking instructions for devices, disregarding where the users access them from through the internet.

Why is DNS Filtering Outside your Firewall is a Necessity?

It is a vital for all organizations to increase the security of their data by preventing access to malicious websites in CODs. Additionally, this feature ensures that all CODs comply with security standards and remain audit-ready.

Maintain your DNS filter rules even outside your office premises with AKKU’s website filtering feature.