Content filtering is a valuable tool that stops access to or from web pages or emails that can be threats to a business’ network or employee productivity. While firewalls control ingoing and outgoing traffic on the business’ network, content filtering looks at the website or email itself, searching for content patterns such as character strings, phrases, or objects within images. If it finds content that is restricted by company or security policies, it blocks it. It’s possible that a firewall won’t stop the traffic, but the content filter could identify the noncompliance and block it.
Content filters are often a part of internet firewalls, but managed services providers can implement them via hardware or software for security purposes, possibly bundled with a firewall management service.
Your clients can have different objectives for using content filters, and, as Nathan Bradbury, Senior Manager, Sales Engineering, Barracuda, points out, different products address different needs. For example, some products are designed to block employees from using websites, such as social networking sites that aren’t related to employees’ jobs, while others are designed to address malware and persistent threats in executable files such as Word documents, Excel spreadsheets or PDFs.
Take a Security-Forward Approach
Bradbury comments that content filtering isn’t something that’s top of mind for most MSPs’ clients. However, MSPs should leverage these tools as a part of the security strategies they build and execute for their clients. “MSPs that are forward-thinking in terms of security will generally standardize on a content filtering product that is designed specifically for targeting malware and other persistent threats that are residing on websites or in executable files traversing the web,” he says.
“The fact is, blocking malicious our inappropriate content is always a good idea because it can help the business prevent issues from cropping up later,” he says. “It’s paramount that MSPs take a security-forward approach to content filtering so that all websites and shared files are scanned for malware and persistent threats.
Other MSPs leave the decision about whether to use a content filter up to the client. They ask whether their organization requires content filtering to block content inappropriate for the workplace, such as pornography, social media, gaming, peer-to-peer sites or e-commerce platforms.
Content Filtering at Work
Bradbury explains that content filtering can close some gaps that exist in a business’ security strategy. For example, suppose a user check a personal email account on a corporate desktop—an activity that isn’t protected by an email filtering solution. Then, that user downloads an Excel document containing malware, which could quickly infect the entire network.
“It’s not enough to just rely on email filtering because that is only one of several threat vectors that attackers will use to reach the client’s data and application infrastructure,” Bradbury says. For example, an MSP could implement content filtering to block access to personal email accounts to protect their clients from vulnerabilities opening unprotected emails on a corporate network.
The email example raises an important question. Stopping access to websites that can lure employees into using work time to browse social media or do some online shopping is different from filtering email access or deploying solutions that identify and stop malware. Is there one solution that does it all?
Bradbury replies, “While there are a lot of solutions today that hold the promise of being a ‘silver bullet,’ there really is no easy answer when it comes to data and application security. Each solution has its pros and cons, where it excels and where it doesn’t.”
“At Barracuda, we recommend a multilayered approach that targets the different vectors that a user could potentially be impacted by—most commonly focused around having a solution in place that will target web threats. Additionally, antivirus and email filtering are a crucial part of the equation.”
Bradbury says MSPs have several options for content filtering, depending on their clients’ needs. “Content filtering at the perimeter is a great option; however, in the nearly post-pandemic business world, it is not as effective as endpoint-based content filtering, which protects devices, wherever they are located.”
“We recommend a solution that offers customers and partners flexibility and provides an easy-to-use interface with file sandboxing, malware prevention, and comprehensive reporting.
Start the Discussion
Although content filtering can add value to a business’ security strategy, it’s not always a topic of MSP-client discussions. “Most MSPs typically don’t have a conversation with their clients about content filtering on firewalls, as the firewall doesn’t necessarily have that capability. Also, in some cases, content filtering is not something that is top of mind for the client when deploying a firewall,” Bradbury says.
Take a consultative approach, and explain the benefits of content filtering. That conversation may be the start of helping your clients to operate more securely and productively. It may also help expand accounts, build stickier relationships, and contribute to your MSP business’ growth.