Content filtering is a valuable tool that stops access to or from web pages or emails that can threaten a business’ network or employee productivity. While firewalls control ingoing and outgoing traffic on the business’ network, content filtering looks at the website or email, searching for content patterns such as character strings, phrases, or objects within images. If it finds content restricted by company or security policies, it blocks it. It’s possible that a firewall won’t stop the traffic, but the content filter could identify the noncompliance and block it.
Content filters are often a part of internet firewalls, but managed services providers can implement them via hardware or software for security purposes, possibly bundled with a firewall management service.
Your clients can have different objectives for using content filters, and, as Nathan Bradbury, Senior Manager, Sales Engineering, Barracuda, points out, different products address different needs. For example, some products are designed to block employees from using websites, such as social networking sites, that aren’t related to employees’ jobs. In contrast, others are designed to address malware and persistent threats in executable files such as Word documents, Excel spreadsheets or PDFs.
Take a Security-Forward Approach
Bradbury comments that content filtering isn’t top of mind for most MSPs’ clients. However, MSPs should leverage these tools as a part of the security strategies they build and execute for their clients. “MSPs that are forward-thinking in terms of security will generally standardize on a content filtering product designed specifically for targeting malware and other persistent threats residing on websites or in executable files traversing the web,” he says.
“Blocking malicious or inappropriate content is always a good idea because it can help the business prevent issues from cropping up later,” he says. “It’s paramount that MSPs take a security-forward approach to content filtering so that all websites and shared files are scanned for malware and persistent threats.
Other MSPs leave the decision about using a content filter up to the client. Instead, they ask whether their organization requires content filtering to block content inappropriate for the workplace, such as pornography, social media, gaming, peer-to-peer sites or e-commerce platforms.
Content Filtering at Work
Bradbury explains that content filtering can close gaps in a business’s security strategy. For example, suppose a user checks a personal email account on a corporate desktop—an activity not protected by an email filtering solution. Then, that user downloads an Excel document containing malware, which could quickly infect the entire network.
“It’s not enough to rely on email filtering because that is only one of several threat vectors that attackers will use to reach the client’s data and application infrastructure,” Bradbury says. For example, an MSP could implement content filtering to block access to personal email accounts to protect their clients from vulnerabilities opening unprotected emails on a corporate network.
The email example raises an important question. Stopping access to websites that can lure employees into using work time to browse social media or do some online shopping differs from filtering email access or deploying solutions that identify and stop malware. Is there one solution that does it all?
Bradbury replies, “While there are a lot of solutions today that hold the promise of being a ‘silver bullet,’ there is no easy answer when it comes to data and application security. Each solution has pros and cons, where it excels and doesn’t.”
“At Barracuda, we recommend a multilayered approach that targets the different vectors a user could potentially be impacted by – most commonly focused on having a solution that will target web threats. Additionally, antivirus and email filtering are a crucial part of the equation.”
Bradbury says MSPs have several options for content filtering, depending on their clients’ needs. “Content filtering at the perimeter is a great option; however, in the nearly post-pandemic business world, it is not as effective as endpoint-based content filtering, which protects devices, wherever they are located.”
“We recommend a solution that offers customers and partners flexibility and provides an easy-to-use interface with file sandboxing, malware prevention, and comprehensive reporting.
Start the Discussion
Although content filtering can add value to a business’ security strategy, it’s not always a topic of MSP-client discussions. “Most MSPs typically don’t have a conversation with their clients about content filtering on firewalls, as the firewall doesn’t necessarily have that capability. Also, in some cases, content filtering is not top of mind for the client when deploying a firewall,” Bradbury says.
Take a consultative approach, and explain the benefits of content filtering. That conversation may be the start of helping your clients to operate more securely and productively. It may also help expand accounts, build stickier relationships, and contribute to your MSP business growth.