Don’t Let SSL Encryption Conceal Security Threats

What happens when security itself is a security shortfall?

Seems like a paradox, but it’s not. Some of the fundamental technologies used to secure transactions can themselves pose unexpected challenges to security professionals.

Take, for instance, the case of HTTPS Web services based on Secure Socket Layer (SSL).

These are used to encrypt transactions in sensitive cases like:

Social media (where SSL is commonly used to provide secure log-in)
Some types of e-mail (not just logging in, but all subsequent tasks)
E-commerce of all kinds
Banking, bill-paying, and investment management services of all kinds

Now, it’s obvious these services should be encrypted. But because SSL encrypts data, that also means HTTPS transactions can inadvertently conceal something that turns out to be a threat to security.

Here’s a simple example. Imagine an organization that uses SSL to secure Web e-mail; this means all e-mails and their attachments are encrypted as they’re transmitted over the Internet.

So far, so good, but what about e-mail attachments that include malware?

Since the malware is encrypted, whatever security solutions might normally detect it, and stop it, don’t get a chance. This means the malware makes it into the infrastructure, where it can subsequently wreak all kinds of havoc once activated.

SSL security threats of this sort are already significant, and they’re only likely to get worse going forward. That’s because SSL traffic isn’t down, it’s up — way up — and climbing every day. According to industry analyst Sandvine, in fact, SSL traffic will make up more than half of all Internet traffic worldwide in 2016, topping out somewhere around 66% by year end.

So what to do? It’s probably helpful for you to know that Resilient is very familiar with this issue and ready to help you resolve it to whatever degree is appropriate in your case. We concentrate on leading-edge, best-in-class network security solutions, so we can guide you toward the ones that best match your needs, challenges and infrastructure.

In the case of SSL encryption, for instance, it’s possible to use SSL inspection solutions to handle the problem described above.

These work almost like customs services at national boundaries. As encrypted traffic comes in, the solution swiftly decrypts it — meaning it can now be inspected for security shortfalls, in any way you see fit. Then, if no problems are found, the traffic is re-encrypted and forwarded along to your network. This way, you get all the security of HTTPS services with none of the potential shortfalls.

Resilient can also help you learn about, and implement, the best practices to get the most out of a network security solution investment. For SSL inspection, for example, we’d suggest that you:

Carefully consider exactly which services merit encryption — and inspection — and which don’t.
Get a solution that supports dedicated hardware acceleration, for best performance.
Roll out inspection in logical stages, and gauge the impact as you go.

In time, you should be able to achieve a substantial improvement in overall security with minimal impact on performance and user productivity.