How to Use SSL Decryption to Boost Network Security
SSL (Secure Sockets Layer) protects electronic information, such as sensitive data from cyber criminals by encrypting it. A website that has an SSL certificate has an encrypted connection, otherwise known as HTTPS. According to Google’s Transparency Report, it is estimated that over 90% of the world’s traffic will be secured over SSL or its successor, TLS (Transport Layer Security) by the end of 2019.
Unfortunately, cyber criminals have also found ways to use SSL to their advantage.
There has been a growth in SSL related attacks in recent years as cyber criminals are now using SSL encryption to mask their activity. According to PhishLabs Q3 2018 Report, nearly half (49%) of phishing websites are successfully fooling visitors into thinking that they’re safe. In the last 24 hours, our software detected 1,510 new threats – among them viruses, phishing, and malware.
Therefore, based on these threats, it has now become essential to decrypt encrypted websites.
So How Does SSL Decryption Work?
In a nutshell, the encrypted page is decrypted, inspected, and then re-encrypted. Having SSL decryption is necessary with regards to compliance with government regulations such as CIPA and HIPAA, which require that schools and hospitals safeguard those in their care.
Decrypting websites, however, is an intensive process that takes a lot of computing power, so it is advisable to be selective with what you decide to decrypt. For example, there will be websites that you do not want to decrypt, such as those containing personal information, like banking websites or emails.
The Solution – Selective SSL Decryption
At Netsweeper, we’ve developed selective SSL/TLS decryption, which is our NSProxy. In addition to being able to select which websites you want to decrypt, you can also granularly filter social media websites, meaning that you’ll have control over features such as posting or chatting and will be able to block students from visiting a post on Twitter about self-harm or a Facebook page for a hate group. The NSProxy is available across platforms and devices.
So, tell us – what are you doing to eliminate the threats on your network?