Solving Technical Safeguarding Problems
These articles describe the detail, solutions, risks and problems associated with providing safe Internet access for children / pupils and students in a School or College environment, or Internet access to other vulnerable or high risk individuals.
Many of these issues are also applicable to most organisations who have a duty of care to employees, or are required to deploy robust technology to prevent intellectual property theft or exfiltration, and as part of the suite of technical controls used to comply with data protection legislation.
There are many technical solutions and controls that can be applied each of these issues, in order to have an effective solution, multiple technologies coupled with external intelligence are required either in the form of data feeds or log processing or both.
We describe these in an accessible manner, providing an overview of the problem(s), an understanding of the issues and possible solutions for non-technical and technical users alike with links to further trusted sources of information for more detail and how the product and services we offer may be part of a comprehensive solution.
We also describe real world issues, organisational complexities and common user circumventions of some of the controls and what can be done to mitigate those. These are the most common and well known issues and areas of technology management we are asked about but this is far from an exhaustive list.
There are literally hundreds of applications and protocols available for use to circumvent firewall and other organisational Internet controls, either paid for or free in “App Stores” or elsewhere, often with in app purchases available.
These contain a variety of features and technologies utilised to bypass firewall and next generation firewall controls and allow users unrestricted Internet access.
These applications are often promoted and sold as privacy or security applications, but the reality is they are designed to circumvent firewall and content controls, bypass “geo based” content restrictions and prevent age related parental or organisational controls.
Often users will route traffic via third party countries that do not have an equivalent privacy framework or protection in place, allowing their traffic to be monitored, intercepted and possible have its integrity or their privacy compromised.
Managing Domain Name System (DNS)
Managing Commercial VPN use
Managing Torrents
Managing Tor
Managing Proxy use.
Effective User identification on the Firewall
Effective Policies
Effective Firewall configuration
Logging and Privacy
Managing organisational devices
Managing Personal devices (BYOD)
Outsourcing