The world is going HTTPS. Is your school prepared?
The recent and rapid adoption of HTTPS (hyper text transfer protocol secure) has made Internet use safer. By encrypting data over a secure socket layer (SSL), the communication between a client (e.g., a browser) and the server can’t be intercepted—which protects against eavesdropping, tampering, and man-in-the-middle attacks.
HTTPS was once relegated to banks, online shops, and sites that request financial and other sensitive information. But thanks to the NSA’s spying stunt—famously exposed by Edward Snowden in 2013—more and more website owners are switching to the HTTPS team.
Even Google has launched a “HTTPS everywhere” campaign and is dangling the carrot that HTTPS is now a “lightweight ranking signal”—potentially giving HTTPS sites an edge in their search-ranking algorithms. This announcement is expected to quickly sway the holdouts.
HTTPS may be good news from a security standpoint—but it’s terribly tricky for schools. To qualify for federal E-Rate funding, K–12 schools are required to block pornographic and other inappropriate content deemed harmful to minors. But old-fashioned filters won’t do: Since they can’t “see” the content, they can’t filter it.
Categorically blocking all SSL sites is a lousy solution: It would prevent staff and students from searching on Google, watching educational YouTube videos, or researching on Wikipedia. Many of the online tools and resources they regularly turn to for teaching and learning would be inaccessible.
Functioning like a trusted man in the middle (TMITM), SSL intercept:
- Decrypts incoming and outgoing HTTPS traffic
- Unencrypts the content
- Dynamically filters the content in real time by examining what’s on the page
- Determines if the on-page content is permissible or not
- Re-encrypts the page and accepts or rejects it, depending on its permissibility score
This method allows you to scrutinize each page, as opposed to blocking an entire URL. For example, a Wikipedia page for “porn stars” would be denied, whereas a Wikipedia entry for “Star Wars” would be allowed.
HTTPS is here to stay. It’s time to deploy an effective filtering solution that can handle encrypted traffic—without depriving users of critical online resources. SSL intercept is an easy, no-brainer addition to your filtering toolbox.
What are your experiences with the SSL “problem”? Tell us in the comments section below.