When you shop online, the padlock icon on the bottom of your screen tells you that any information you’re sending is encrypted using a protocol called Secure Socket Layer (SSL). But it may also signal dangerous traffic.
SSL traffic is all but invisible to an enterprise, according to a survey of 319 IT security and networking professionals by Blue Coat Systems. More than 72 percent said they had no way to look inside SSL traffic, a situation that nearly 90 percent of the respondents said was risky, particularly as it can pass through firewalls unseen and untouched.
Attackers—or devious employees—can be taking advantage of this blind spot. Spyware or malicious code could be transmitted from a Web site that uses SSL, or employees can use a program that allows them to use SSL to bypass corporate safeguards (such as restricted Web sites). So, employees can bring in infections, or send out confidential data, right under the IT administrator’s nose.
A number of vendors, including Blue Coat, make network appliances that manage SSL traffic and allow administrators to lock down rogue SSL applications.
@ Highlights from the survey are at SM Online.