Preventions
- ID: PV021
- Created: 08th June 2024
- Updated: 23rd July 2024
- Platforms: Windows, Linux, MacOS
- Contributor: The ITM Team
DNS Filtering
Domain Name System (DNS) filtering allows the blocking of domain resolution for specific domains or automatically categorized classes of domains (depending on the functionality of the software or appliance being used). DNS filtering prevents users from accessing blocked domains, regardless of the IP address the domains resolve to.
Examples of automatically categorized classes of domains are ‘gambling’ or ‘social networking’ domains. Automatic categorizations of domains are typically conducted by the software or appliance being used, whereas specific domains can be blocked manually. Most DNS filtering software or appliances will provide the ability to use Regular Expressions (RegEx) to (for example) also filter all subdomains on a specified domain.
DNS filtering can be applied on an individual host, such as with the hosts file, or for multiple hosts via a DNS server or firewall.
Sections
| ID | Name | Description |
|---|---|---|
| IF008 | Inappropriate Web Browsing | A subject accesses web content that is deemed inappropriate by the organization. |
| IF007 | Unlawfully Accessing Copyrighted Material | A subject unlawfully accesses copyrighted material, such as pirated media or illegitimate streaming sites. |
| ME006 | Web Access | A subject can access the web with an organization device. |
| ME008 | Network Attached Storage | A subject can write to a Network Attached Storage (NAS) device outside of the organisations control. |
| IF017 | Excessive Personal Use | A subject uses organizational resources, such as internet access, email, or work devices, for personal activities both during and outside work hours, exceeding reasonable personal use. This leads to reduced productivity, increased security risks, and the potential mixing of personal and organizational data, ultimately affecting the organization’s efficiency and overall security. |
| IF018 | Sharing on AI Chatbot Platforms | A subject interacts with a public Artificial Intelligence (AI) chatbot (such as ChatGPT and xAI Grok), leading to the intentional or unintentional sharing of sensitive information. |
| IF008.001 | Lawful Pornography | A subject accesses lawful pornographic material from an organization device, contravening internal policies on acceptable use of organization equipment. |
| IF008.002 | Unlawful Pornography | A subject accesses unlawful pornographic material from a organization device, contravening internal policies on acceptable use of organization equipment and potentially, the law. |
| IF008.003 | Terrorist Content | A subject accesses, possesses and/or distributes materials that advocate, promote, or incite unlawful acts of violence intended to further political, ideological or religious aims (terrorism). |
| IF008.004 | Extremist Content | A person accesses, possesses, or distributes materials that advocate, promote, or incite extreme ideological, political, or religious views, often encouraging violence or promoting prejudice against individuals or groups. |
| IF008.005 | Gambling | A subject accesses or participates in online gambling from a corporate device, contravening internal policies on acceptable use of company equipment. |
| IF008.006 | Inappropriate Usage of Social Media | A subject misuses social media platforms to engage in activities that violate organizational policies, compromise security, disclose confidential information, or damage the organization’s reputation. This includes sharing sensitive data, making unauthorized statements, engaging in harassment or bullying, or undertaking any actions that could risk the organization’s digital security or public image. |
| IF008.007 | Gaming | A subject accesses or participates in web-based online gaming from a corporate device, contravening internal policies on acceptable use of company equipment. |
| IF008.008 | Other Inappropriate Content | A subject accesses other inappropriate web content from a corporate device, contravening internal policies on acceptable use of company equipment. |
| IF007.001 | Downloading Copyrighted Material | A subject uses a website or peer-to-peer (P2P) network (such as BitTorrent) to unlawfully download copyrighted material. |
| IF007.002 | Streaming Copyrighted Material | A subject accesses a website that allows for the unauthorized streaming of copyrighted material. |
| IF007.003 | Distributing Copyrighted Material | A subject uses a website or peer-to-peer (P2P) network (such as BitTorrent) to unlawfully distribute copyrighted material. |
| ME006.001 | Webmail | A subject can access personal webmail services in a browser. |
| ME006.002 | Cloud Storage | A subject can access personal cloud storage in a browser. |
| ME006.003 | Inappropriate Websites | A subject can access websites containing inappropriate content. |
| ME006.004 | Note-Taking Websites | A subject can access external note-taking websites (Such as Evernote). |
| ME006.005 | Messenger Services | A subject can access external messenger web-applications with the ability to transmit data and/or files. |
| ME006.007 | Text Storage Websites | A subject can access external text storage websites, such as Pastebin. |
| IF004.004 | Exfiltration via Screen Sharing Software | A subject exfiltrates data outside of the organization's control using the built-in file transfer capabilities of software such as Teamviewer. |
| IF018.002 | Reckless Sharing on AI Chatbot Platforms | A subject recklessly interacts with a public Artificial Intelligence (AI) chatbot (such as ChatGPT and xAI Grok), leading to the inadvertent sharing of sensitive information. The submission of sensitive information to public AI platforms risks exposure due to potential inadequate data handling or security practices. Although some platforms are designed not to retain specific personal data, the reckless disclosure could expose the information to unauthorized access and potential misuse, violating data privacy regulations and leading to a loss of competitive advantage through the exposure of proprietary information. |