Detect Threats with SSL Decryption
In the world of data networking, encryption is a critical technology that is used to facilitate everything from private communications between people to secure transactions with financial institutions. Encryption is one of the primary ways that people and groups make their communications secure, and therefore private. Without the ability to encrypt communications, everything from your social media posts to your online banking is available and readable by anyone.
The Rise of SSL
Secure Sockets Layer, or SSL, is one of the primary protocols used to facilitate encrypted transmissions. In a nutshell, SSL 'resides' between a transport protocol like TCP (from the TCP/IP protocol stack), and the applications resident on a given machine, whether desktop or laptop, server or mobile device. When one of these applications wants to communicate in a secure fashion to another user or location, it uses SSL to establish a secure connection to the machine at the other end, encrypting that data using keys that the two machines share.
SSL has become, by far, the most common tool for secure communications in the world today. It's so popular, in fact, that Google gives a rankings boost to sites that utilize SSL to secure their communications with end users. Today, there are over 17 million web pages that utilize SSL-encryption to secure and encrypt their pages, and those numbers are only growing.
The Dark Side of SSL
But SSL-encrypted traffic is also used by hackers to secure their own activities, and make it hard for security systems to detect their actions. A common strategy that hackers use is to entice a user to download malware that creates its own certificate on the user's machine, which it uses to encrypt both data leaving the enterprise, and additional commands sent by the hacker later.
At NCA, we work with companies to help them understand these threats and how to mitigate them. SSL decryption is possible using many of the firewalls and security devices found within most enterprise security infrastructures, and our staff works with customers to enable this and other security approaches within their enterprise to mitigate the attacks that companies face every day.
NCA security services provide deep packet inspection of https communications, along with a range of other security measures designed to prevent attacks coming in and unauthorized data heading out. This is just one way we keep our customers secure.
Topics: Big Data, Information Security, Firewalls, SaaS, cyber threats, SSL, Data Encryption