Who is watching your web traffic?
Approximately two weeks since my last post I write again this morning (times as per current location) whilst on a break in between sessions in a Worldwide Technical Symposium based Las Vegas. This is where a number of Symantec Technical employees attend a five day conference to not only enhance their knowledge around Symantec products and Solutions, but to also develop existing relationships further and knowledge share, ultimately to ensure our customers have a much better experience. We are all here so we can better protect the world people and information.
I am sat near the front of the lab today, learning about the advanced configurations of the Symantec Web Gateway and how it works when connected to SSIM and the DLP offerings - powerful is a plain understatement of what this solution can do for an organisation.
Whilst I write, a lot of the people in the lab have gone for a quick coffee break and I am sat here with approximately three other people, who in the background are asking the instructor a number of questions. I was reflecting on the week’s events, how much I have learned, the people I have met and the knowledge I have shared. Whilst my mind was thinking about the intense collection of events, everything to the eyes was a haze, the fluorescent lights were directly above me and the air conditioning seemed to be around the twenty degrees Celsius mark. At this moment a thought from yesterday morning suddenly entered my mind, and all of a sudden it seemed as though there was a chill in the room, just at the mere thought. This was what inspired this post.
I was in my hotel room with the alarm clock set at 04:00 in the morning when I woke, as usual, I walked over to the laptop and tried firing up the VPN as usual in order to connect to my emails and make a few important calls - around midday in the UK. When I tried to connect, it seemed there was no Wi-Fi connectivity, not enough for a stable connection anyway. I then used the wired cable (always a first choice usually due to speed) and perfect, connected I was. I then connected to the VPN, made a couple of quick calls and responded to some urgent emails before disconnecting from the VPN. I was now prepared for my day of training - there were no urgent actions outstanding.
I then proceeded to check my social networks and browse the internet generally, and realised I wasn't on the corporate VPN, where everything is encrypted, yet was in a large hotel in which thousands of guests were staying, thousands were on conference and all it needed was one person with some pretty basic skills to see exactly what I was doing when connected to the hotel internet, with the option to see my passwords for a number of sites. The internet is a public service at this location and if someone wanted, they could easily try and compromise my machine or do anything to my online life by using a few simple, readily available tools to sniff my web traffic.
When I reversed this thought, I then thought to myself, how many other people are here on business and how easy would it be to compromise their machines? What damage could be done by using some freely available tools on the internet and the result? The damage could be a vicious circle and many organisation's could risk losing data from their remote staff when they travel like I have done here. In this instance, I know my laptop has Symantec Endpoint Protection installed and my web traffic was secured with the Symantec Web Security.cloud offering, and the great thing is that all my traffic was encrypted over SSL whenever I was connected, wherever I connect - even if the web pages were not in SSL. Encrypting the unencrypted and I know for sure I was safe when browsing.
The other key feature is the local datacentre discovery the agent does. Most people know I am normally out and about within the UK, and my web traffic is always filtered by the UK datacentres, however, now that I am in the US, on the West coast, I know my web traffic was being routed by the US West datacentre - with no engagement from me as the user. I had high speed internet access on my corporate machine which was protected with corporate policies.
The thought of being safe, knowing my data was un-stealable and secure on my machine was a sign of relief, and I would not be one of the travelling members of staff who could have a compromised machine or be the victim of having my traffic sniffed.
Before I return to my lab, I have listed a few of the core benefits of the Web Security.cloud service below:
Whether you have users in home offices, small regional offices, or frequent travelers, our service options for roaming and remote users can help you secure and enforce proper Web use in numerous environments.
- Promote secure Web browsing that is compliant with your policies when users are off the corporate LAN.
- Provide support for roaming users when they access the Internet from hotspots, pay-for-use portals, public Wi-Fi and VPN connections.
- Delivered over a global infrastructure, with automatically updated layers of malware defense.
- Allows for reporting on service performance and Web policy compliance of roaming and remote users.