Google’s Safe Browsing service has been available since 2006. It provides warnings regarding the current safety status of websites through a safe browsing transparency report, which aims to safeguard users from harm and encourage safe web security practices. Google’s tool scours every domain within a website in order to alert users and webmasters to security issues, no matter how minor.
Even the most seemingly trustworthy websites can experience security issues, such as a temporary malware infection or a user uploading content that’s deemed to be dangerous. Just this week — and not for the first time — Google declared its own web properties as “partially dangerous,” providing users with the warning that “attackers on this site might try to trick you to download software or steal your information.” The issue was short-lived and, according to Fortune, was resolved by the following day. It also didn’t affect all of its web properties, being largely confined to online discussion boards and forums that house user-generated content.
Raising Awareness of Website Safety Issues
Although brief, the issue garnered publicity and will have the welcome side effect of highlighting the importance of safe web browsing habits. Organizations should take note and take steps to ensure that their employees are aware of the issues involved so they’re better able to protect themselves. For example, they should always look for symbols on websites, such as padlocks in the browser bar, that indicate the integrity of a website and show that its security certificate is valid.
However, education alone isn’t sufficient, as witnessed by the ongoing success of phishing campaigns that aim to dupe users into unsafe practices such as clicking on tainted links or malicious attachments to emails. Even if a website is considered to be a trusted information source and appears legitimate, that’s not always the case.
Technology Will Raise the Bar
To ensure safe browsing for employees, organizations should take extra precautions by deploying technology controls, such as blacklisting and whitelisting websites, which blocks those known to be bad and ensures unfettered access to those deemed safe.
However, extra caution should be taken with mobile Internet and application access. In many cases, employees try to access websites that aren’t necessary for the business which might harbor malware, or mobile applications that aren’t sanctioned for use by the business. Using highly secure devices, such as those equipped with Samsung Knox, do much to help alleviate security concerns. Knox Workspace provides separate containers for work and personal use so that organizations are able to control what users can place in the work container portion of the device, and can set policies regarding what resources users can access. If the container is compromised, such as with malware, it can simply be wiped clean.
Samsung also provides APIs for connecting to mobile device management (MDM) systems from major vendors, which enable organizations to remotely manage settings, policies, applications and functionality for mobile devices. Most MDM systems can customize web browsing entitlements according to an organization’s requirements, providing capabilities such as the ability to disable native browsers and drive all traffic to a highly secure browser, where IP addresses can be whitelisted and browsing history can be captured.
Given the volume and sophistication of online threats today, organizations can never be too secure. Services such as Google Safe Browsing help by showing the current security status of websites, but aren’t sufficient at the user level for ensuring a safe browsing experience. A combination of security awareness training, highly secure devices and the complementary capabilities of systems such as MDM will vastly improve an organization’s security posture when it comes to website safety.
Learn more about how Samsung KNOX can help your business provide the mobile security it needs.