Best Practices For Monitoring Encrypted Data

白書

Once used to increase the security of Internet traffic, encryption can actually make some types of security monitoring more difficult. Many firewalls and other security tools do not understand encrypted traffic, and many organizations have chosen to pass encrypted traffic into their networks without security inspection just to keep communication flowing. Unfortunately, this creates blind spots in network visibility—areas where the organization is unaware of the traffic moving inside and exiting its network.

Knowing that blind spots exist, criminals have increasingly encrypted their attacks to avoid detection and cover their tracks. In a May 2016 study, “Hidden Threats in Encrypted Traffic,” Ponemon Institute found that 40% of cyber-attacks leveraged secure sockets layer (SSL) encryption to bypass traditional security solutions 1. It’s no coincidence that, despite the introduction of more sophisticated prevention and detection solutions, cyberattacks and data loss continue.