SSL tunnels create ‘invisible' backdoors into corporate networks

Share this article:

Encrypted Secure Socket Layer (SSL) communications between internal corporate employees and external internet applications is "invisible" to companies and so comprises a "risk to the enterprise," new research has claimed.

According to a poll of over 300 enterprise security and networking professionals recently questioned by security vendor Blue Coat, 90 percent of respondents identified SSL traffic as a security worry.

Nearly 64 percent believed that not having control or visibility over this SSL traffic makes it difficult for the enterprise to comply with laws, regulations and policies over privacy and confidentiality. The survey participants were attendees of Blue Coat seminars in various U.S. locations during the past several weeks.

The same survey in major European countries showed similar results, with 97 percent of respondents viewing uncontrolled SSL traffic as a risk to the organization and 82 percent admitting that they had no visibility into SSL connections between internal users and external applications. Over half claimed that lack of such visibility made it difficult or impossible to fully comply with laws, regulations and policies governing privacy and confidentiality.

"Enterprises have been completely blind to their users' SSL traffic, and until now, have been unable to do anything about it," said Steve Mullaney, vice president of marketing for Blue Coat.

He added that SSL communications now represent a significant and growing percentage of corporate internet traffic. According to Blue Coat, recognizing the growing use of SSL, phishers are now increasingly deploying sophisticated attacks that utilize SSL explicitly as a cloaking mechanism. The firm also notes that employee use of rogue applications or anonymous websurfing encrypted in an SSL session is a growing problem, together with encrypted malware, including viruses and spyware, which can influtrate corporate networks via SSL encrypted tunnels.

Blue Coat argues that firms must take control over these unmonitored SSL "backdoors" into corporate networks. The firm advocates using proxy appliances which can terminate application protocols, and so can have a comprehensive understanding of the user-to-application interaction and its context. As a result, such proxies can provide IT managers with the power to define, enforce and audit intelligent policy controls over user/application interactions.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in News

Sign up to our newsletters

More in News

Company news: New hires at Accuvant, ZeroFox and ThreatStream

New hires at Accuvant, ZeroFOX and ThreatStream, while a divestiture at Juniper and an acquisition for BlackBerry.

News briefs: The latest on Sony, Android, Backoff malware and more.

News briefs: The latest on Sony, Android, Backoff ...

This month's news briefs cover a preliminary settlement Sony will bear for the exposure of 77 million customers, and more.

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.