Tech Curious

Palo Alto URL filtering & URL custom category hassle when a website calls many backend URLs

We are in the medical sector, where internet access is allowed only on a need basis.

But in some cases we need to allow some websites for all workstations like O365, Ministries etc. and for that purpose we use a URL Filtering profile that blocks all categories and only allows a custom URL category with specific FQDNs.

The problem is that modern websites pull content from tons of external domains such as images, CSS, JS, widgets, tracking, ads, CDNs, etc. 

These change frequently and it’s becoming a nightmare to maintain the URL category. 

Every time something breaks, I have to hunt down new URLs and add them manually.

Has anyone found a better approach to handling this without opening up the internet broadly?


Appreciate any suggestions



btan

Yes, that is the nature of SaaS with many components that have other URLs; you will see wildcards and eventually go to just WL azure.com and microsoft.com, since WL of every URL is not sustainable. Broken URLs will be seeing WL requests flooding in…. This is (sadly) the residual risk for that.

The risk is about medical info leaked or exfiltrated into the internet → for which you need some form of restriction on file upload (you can't really block copy & paste since it is disastrous for UX); hence consider either a DLP (device agent) or SSE (DLP in cloud) that will do the blocking.

The other risk is about medical devices getting compromised due to downloads coming from unwanted components through the SaaS → either you go into RBI to have a proxy to sandbox the browsing, or by default always have some sort of CDR to strip always active scripts/binaries/content from the downloads.

There is a tradeoff, as the mitigation also may not block everything wrt upload and download. For upload, app installed, DLP can't do much on it, hence better to focus on browser to web service to SaaS. For download, password protected will escape the scan, and for those you may quarantine and ask the user to diligently check before download.
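To illustrate the wildcard consolidation discussed in the answer above, here is an added example (not code from either poster or from Palo Alto) that groups blocked hostnames by parent domain and proposes a wildcard only when enough distinct subdomains justify it. The hostnames are constructed, the suffix set is a small stand-in for the Public Suffix List, and the entry syntax (`*.` prefix, trailing `/`) is assumed to follow PAN-OS custom URL category conventions.

```python
from collections import defaultdict

# Assumption: tiny stand-in for the Public Suffix List, enough for this sample.
TWO_LABEL_SUFFIXES = {"co.uk", "com.au", "gov.uk"}

# Constructed sample: hostnames blocked while users loaded approved sites.
BLOCKED_HOSTS = [
    "cdn1.portal-assets.example", "CDN1.portal-assets.example.",
    "cdn2.portal-assets.example", "img.portal-assets.example",
    "portal-assets.example", "static.ministry-widgets.example",
    "fonts.health-cdn.co.uk", "js.health-cdn.co.uk",
]

def parent_domain(host):
    """Registrable parent of a hostname (public suffix plus one label)."""
    labels = host.split(".")
    n = 3 if ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES else 2
    return ".".join(labels[-n:])

def suggest_entries(hosts, min_subdomains=3):
    """Return (exact, wildcards) candidate entries for the allow category.

    A parent gets a wildcard only when at least min_subdomains distinct
    subdomains were seen; smaller groups stay as exact hosts so the
    allow list does not widen more than the evidence supports.
    """
    groups = defaultdict(set)
    for raw in hosts:
        host = raw.strip().lower().rstrip(".")  # normalise case and root dot
        if host:
            groups[parent_domain(host)].add(host)
    exact, wildcards = [], []
    for parent, members in sorted(groups.items()):
        subdomains = members - {parent}
        if len(subdomains) >= min_subdomains:
            wildcards.append(f"*.{parent}/")
            # Assumed: "*." needs at least one label, so list the bare parent too.
            if parent in members:
                exact.append(f"{parent}/")
        else:
            exact.extend(f"{m}/" for m in sorted(members))
    return exact, wildcards

if __name__ == "__main__":
    exact, wildcards = suggest_entries(BLOCKED_HOSTS)
    print("exact:", exact)
    print("wildcards (review before adding):", wildcards)
```

Grouping on the registrable parent rather than the last two labels is what keeps three unrelated `co.uk` sites from collapsing into a `*.co.uk/` entry.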

