Companies should define security policies for outbound Internet connections as tightly as inbound, says Network Box

Published 23rd February 2009

Companies should apply the same stringent security controls to information leaving their network as they do to inbound information, according to managed security company, Network Box.

Over the last two months, Network Box has seen a significant increase in requests from companies seeking help with blocking applications such as Skype or MSN, in order to prevent a security breach. But the problem with blocking an application is that it will often find a way through a firewall – either using ‘tunnelling’ software, or by searching through all available ports until it finds one open.

As a result, Network Box is advising companies to apply the same controls to outbound connections as to inbound, by configuring firewalls to block all outbound connections except those to secure proxies, forcing all web access through a gateway security system. This ensures web access complies with company policy, which can be adapted to suit individual users with specific business requirements.

This approach will have little or no impact on the end user but has a huge impact on security. Simon Heron, Internet Security Analyst at Network Box, says: “Many companies still use a legacy approach of blocking all inbound ports except those known to be secure, but not applying the same to outbound. These days, companies are much more concerned with security breaches resulting from within the organisation. There are so many more applications we all use to connect from our PCs. Applications such as Skype and IM can be useful business tools, but only if they are used within the framework of a company’s overall security policy.”

For more information on Internet security, see www.network-box.co.uk.