Cloud web filtering is used to create a safe and secure web browsing experience for employees, customers, and guest users. Businesses use a cloud based web filter to restrict access to certain website content and enforce acceptable Internet usage policies, which prevents employees from accessing pornography and other sites that can lead to the creation of a hostile working environment. By filtering the Internet and blocking access to productivity drains such as social media, gambling, and dating websites, productivity can be improved. Businesses that offer free Wi-Fi access to their customers can sanitize the Internet with a cloud based web filter and create a family-friendly browsing environment, and carefully control the content that can be accessed, even preventing access to competitors’ websites.
More importantly, given the range of threats that are delivered via the Internet, businesses can use cloud based web filtering to block those threats and prevent malware and ransomware downloads from the Internet and block access to sites that are used for phishing or social engineering attacks.
On-Premises vs Cloud Security
Traditionally, businesses have housed all their IT equipment in-house. They set up their infrastructure, buy all the necessary equipment, and secure and maintain their hardware and software. There is nothing wrong with this approach, and it has served businesses well, but cloud computing offers many advantages. There is no need for the capital outlay purchasing all that equipment and committing resources to maintain the equipment and upgrading or replacing the hardware when it reaches end-of-life. There is no need to maintain the software and update it and patch it, as the service provider handles those tasks.
With cloud computing, businesses just subscribe to a service and pay a monthly or annual charge to use the hardware and software of cloud service providers and the cost of the hardware and maintenance is spread across many customers. Businesses that take advantage of cloud computing have access to the fastest and most advanced technology, without having to pay the extortionate cost of purchasing the hardware and software and employing specialist staff to maintain it. All businesses, regardless of their size, can access the same IT hardware and software, without having to cover the cost of setting up and managing their own on-premises data centers.
Cloud web filtering providers incorporate multiple levels of redundancy. IT problems do occur, but they do not affect the availability of the service. With an on-premises appliance, if the hardware fails, all web filtering should stop so threats would not be blocked.
Further, the COVID-19 pandemic forced businesses to support remote working, which meant adopting cloud based services to support their remote workers. Now that the pandemic is under control, many businesses have a hybrid working model, where employees spend some of the working week in the office and some at home. Using cloud based services makes a great deal of sense, especially cloud based email and web security services, which are faster, more reliable, and more easily managed.
How Does Cloud Web Filtering Work?
With on-premises web filtering, a physical appliance or software solution is located on-premises through which all web traffic passes and is subject to filtering controls. If remote workers need to be protected, all traffic must be routed through the business’s data center, which means there will likely be latency issues. With cloud web filtering, all filtering takes place in the cloud with the Internet accessed through the cloud service provider. That involves making a change to your DNS servers to point to the cloud web filtering provider and installing an agent on the devices of remote workers.
One of the main advantages of cloud based web filtering is speed. There is no latency with DNS-based cloud web filtering as traffic does not need to be routed back to the data center and the DNS is fast. All filtering takes place in a fraction of a second with no noticeable delay in page load speeds. Businesses can eliminate the high cost of hardware purchases and maintenance, and rather than the capital expense, web filtering becomes an operational expense with predictable annual or monthly costs.
Cloud web filtering is achieved through a variety of controls. First, there are whitelists and blacklists. Sites that are whitelisted can always be accessed, and blacklists are used to prevent access to known malicious websites and illegal content. These are maintained by the service provider, who may also incorporate third-party blacklists, such as the one maintained by the Internet Watch Foundation.
Blocklists are created by users. These are based on URLs, site content, and keywords. For instance, a business may want to block access to certain websites, so all web pages are blocked by the domain (e.g., facebook.com), or block by category – all social media sites, sites containing pornography, or gambling sites. Websites can be blocked by URLs, such as those containing certain keywords. Keyword controls are applied at the page level, with the presence of certain keywords resulting in a block or if a certain keyword density is exceeded. Cloud web filters will scan all webpages and will categorize them and apply the user-defined controls and can scan previously uncategorized content and apply the controls in real-time. Cloud based web filters often incorporate machine learning or artificial intelligence-based methods to rapidly learn which sites contain undesirable content to greatly speed up the process.
Sites known to be used for hosting malware will be automatically blocked using the blacklists, but businesses can further improve anti-malware controls by restricting the types of files that can be downloaded from the Internet. This has the dual purpose of preventing malware from being installed and also for controlling shadow IT, by preventing the downloading of executable files for certain users, such as individuals who are not in the IT department.
Advantages of Cloud Web Filtering
In summary, cloud web filtering allows businesses to:
- Sanitize the Internet
- Improve productivity
- Block access to malicious websites
- Block malware and ransomware downloads
- Achieve compliance – e.g., CIPA compliance for schools and libraries
Advantages of cloud web filtering over on-premises include:
- Web filtering with zero latency
- Apply filtering controls easily for remote workers
- Gain visibility into the Internet access of all users, including in real-time
- Greater flexibility due to the scalability of the cloud
- Avoid hardware purchasing and maintenance costs
- Reduce management time and costs
- Get greater redundancy
Disadvantages of Cloud Web Filtering
There are naturally some disadvantages with cloud web filtering. Cloud web filters can still be subject to DDoS attacks, although cloud service providers are better equipped to deal with these attacks that businesses. There can also be compliance issues, as the web filtering provider will have access to all Internet traffic, so this may not be an option in highly regulated industry sectors, which means an on-premises solution would be a better choice.
WebTitan from TitanHQ
TitanHQ has developed web filtering solutions for businesses of all sizes and supports web filtering for all industry sectors, including schools and libraries and highly regulated industries such as government, finance, and healthcare. For most businesses, including managed service providers, TitanHQ’s cloud based web filtering service will be best – WebTitan Cloud. TitanHQ also offers WebTitan Cloud for Wi-Fi for Wi-Fi hotspot providers, and an on-premises version of the solution – WebTitan Gateway – which can be installed on-premises on existing hardware as a virtual appliance.
For more information on the best web filtering solution to meet the needs of your business, for details of pricing, or to book a product demonstration, give the TitanHQ team a call, or sign up for a free trial of the solution and see for yourself how easy the solution is to use and how effective it is at blocking threats and controlling access to the Internet.