Follow GFI:
Find us on Facebook Follow us on Twitter Find us on Linkedin Subscribe to our RSS Feed Find us on YouTube Find us on Google+
 

Web Reputation Can Save You from Online Threats

on October 7, 2011

Reputation is everything in business. A single blemish, a negative report, or a poor review of a product, could bring a company to its knees, affect sales and send a negative message to investors or consumers.

Reputation and trust go hand in hand, but from a security perspective this is not always a good thing – particularly when browsing the web.

In a real-life situation, reputation and trust in a brand, product or service – bar some major mishap – don’t change that much. If a hotel is good, in most cases it remains so. If I like a particular brand of clothing, its reputation is usually sound.

Yet, when I go online, how does my level of trust in something and its reputation affect my security?

Let’s say that I like reading a particular online blog. One day the site is hacked and infected with malicious code. The next time I visit that site, there is an increased risk that my machine will be infected as well (especially if I don’t have antivirus installed). Six months down the line, is it still safe to visit that site again?

Now take this example and put it in the context of a busy work environment where employees ‘enjoy’ access to the internet throughout the day. Each employee has his or her favorite websites – most of them innocuous and posing little legal threat to the company.

With such a widespread increase in malicious, fraudulent, phishing and scamming sites appearing daily, what guarantees does the IT administrator have that one of the employees will not visit a website that has been compromised and infected by malware? The employee in question had not visited the site for some time and two months earlier it had hijacked by scammers to push malware to unsuspecting readers. The next time that employee visits the site… oops!

So, how can administrators address this problem? How can they proactively prevent employees from visiting sites that could at some point have been compromised, thus putting the network at risk?

The solution is to filter those sites using web reputation. In a similar way that you would choose a hotel or a service on the basis of its reputation among peers or the public, the web reputation approach gives ratings to websites based on a current and future risk analysis.

Depending on the risk factor, websites are either blocked, classified as suspicious or allowed. This gives administrators the edge over traditional approaches such as Site Categorization. Just because ‘News’ sites typically are not a security risk, that doesn’t mean that they may not be the target of scammers or malware creators. So judging risk on the basis of category alone is not enough. Yet if each website is ranked according to its risk factor and this, in turn, defines what action should be taken, online browsing safety increases considerably.

Website Reputation Index provides a “safeness” rating for websites based on their current and future threat profiles. Administrators can implement flexible Internet access policies by blocking sites based on the risks they pose, rather than preventing access to entire categories of websites, and employees can make smarter decisions about visiting websites with which they are not familiar – and even those they are.

Something certainly worth exploring if web filtering and security are key issues for your organization and your sanity as an administrator!

About the Author:

David Kelleher is Director of Public Relations at GFI Software. With over 20 years’ experience in media and communications, he has written extensively for business and tech publications and is an editor and regular contributor to Talk Tech to Me.

submit to reddit
 
Comments
Kevin Love October 7, 201111:02 pm

Certainly an interesting concept, but how exactly is the data discerned? Is there a group or an organization that monitors and rates these things, or is it simply plugged in whenever a threat is posed? I’d be interested in learning a lot more about how exactly this works.

William Tomas October 10, 20111:52 pm

I believe Web Reputation is already a built-in tool for most major search engines such as Yahoo and Google. In the latter, when you search for a certain keyword, it will label websites that are known to have malicious codes and / or infected with malwares.

Firefox also has this feature. The web browser will not load or display the content of websites that are known to infect its visitors with sorts of viruses.

You should protect your business’ online reputation. It’s an investment for the future.

 
David Attard October 11, 201112:40 pm

@William,
most browsers do implement some kind of malware blocking. However, with some websites, it is not simply a case of black or white. When you have a whole range of scores available at your disposal, you can take more granular decisions.

For example, you can say block High Risk Sites completely, block “Unknown” sites since these are highly likely to be malware or spam, allow tech-savvy users to access websites with a moderate web reputation and allow all users to access trustworthy websites…

@Kevin
there are many features which are used to determine the reputation score of a website, usually there are hundreds of variables which determine the score. Let’s give a few examples:

1. Age of website – thousands of websites a day are created by malware authors to distribute malware – these have a very short lifetime, they are taken offline as soon as security engines find out about them. For the absolutely vast majority of new websites (95%), these are spam or malicious sites. As the age of website increases, its score increases.

2. Location of website – certain geographic regions, web hosting companies, ranges of IPs are known to be “hacker” friendly. Any websites in these regions is given a higher risk rating.

3. Threat History – websites which have been compromised in the past earn negative points. A site which has been compromised probably means a webmaster which is not careful enough, and thus may pose a risk in the future.

These and many other factors are used to give you a rating of not just the current risk a website poses, but most of all the likelihood that a website will host malware in the near future.

This is the real difference with using web reputation for your web security. You will be taking actions to stop websites which can become a threat, before they become a threat. Although the risk may not always manifest itself, why take the risk?

 
Mr_Coffee_Lover October 12, 20112:38 pm

These days it’s so much easier to build and sabotage a reputation. You can use the power of social media to establish a more personal relationship with your existing and potential customers. It’s more practical and real-time.

However, social media can also destroy a business’ web reputation in an instant.

Case Study: Olive Garden

This restaurant has thousands of fans in Facebook. The famous eatery used this tool to upgrade its client relationship. However, its fan page backfired when Olive Garden “accidentally” gave alcoholic drinks to children. The restaurant’s web reputation was damaged in an instant when its Facebook fan page and some online forums were bombarded with complains and angry statements.

Sarah Martin October 30, 20117:35 am

This article starts a very interesting discussion. A company must be aware of this security aspect because a company’s reputation is its most valuable asset and it is very unfortunate to ruin your reputation because of falling victim to malware. This adds insult to injury.