Home Opinion Columns

Geofences Can Help Make Good Neighbors

By Carl Mazzanti, president of eMazzanti Technologies in Hoboken

E-commerce enables businesses – even small ones – to easily connect with existing and potential customers locally and internationally. But can too much of something good can lead to negative consequences?

In some cases, yes, like the time an Essex County municipality’s website allowed anyone to log in, regardless of their location. The idea was that this open e-door policy would help the municipality position itself as an attractive location to live, work or play; potentially attracting visits and capital from a global audience.

The move attracted attention, but visitors included some state-sponsored hackers who tried to extort money by seizing control of municipal bank accounts. Fortunately, local officials quickly contacted the FBI, Homeland Security, and other agencies. They also put out an RFP (Request for Proposal), seeking help to secure their systems.

eMazzanti Technologies answered the RFP and helped secure their systems. After accomplishing that, eMazzanti set out to bolster their cyber defenses and — in addition to recommending a customized suite of antivirus programs, password enhancements, and other security measures — advised the locality to set up a geofence.

Securing the Perimeter

Geofencing is a firewall-based feature that automatically looks at the IP address of incoming traffic or network requests, which is tied to a physical location. It identifies where the traffic originated and allows users to set up a digital barricade, blocking network traffic from specific locations.

Geofencing can play a key role in setting up effective cyber-defense. At a time when state-sponsored hackers were increasingly targeting U.S.-based operations, the FBI logged more than 791,790 reports of suspected internet crime. The agency announced losses exceeding $4.2 billion in 2021, and New Jersey ranked No. 9 in number of victims.

Geofencing can be tailored to specific situations. A municipality or a business that does not regularly conduct international transactions may set up a geofence that locks out all traffic originating from outside the United States. This generally will not keep cross-border traffic from discovering the website, but it will prevent them from accessing the organization’s files. So a legitimate player that wants to do business with the U.S.-based entity can still connect through other means, like a phone call.

Geofencing is not limited to just blanket-blocking international outsiders. If a legitimate user located in Europe attempts to log into the server of a U.S.-based business, a geofence can be programmed to trigger a set of challenge questions that must be answered correctly to authenticate their identity before they are granted access.

Besides deploying challenge questions, geofences can be configured to limit access privileges based on the login attempt’s locational origin. Defensive moves like these may be critical in helping safeguard sensitive credentials which, once breached, may end up being sold on the Dark Web and used by hackers from anywhere around the globe.

A versatile application

Properly designed, a geofence can help shield an organization from massive Distributed Denial-of-Service (DDoS, also known as Denial of service, or DoS) attacks that aim to shut down machines or networks by overwhelming them with traffic from multiple infected systems — using a botnet — and denying access to legitimate users. DDoS attacks are often unleashed from countries outside the U.S. Even if nothing is breached, an organization’s network may go offline simply because the system can’t keep up with the thousands or millions of requests. With some reports indicating that the number of DDoS attacks is expected to reach more than 15 million a year by 2023, geofencing can act as a kind of blanket coverage that will protect the network and data of an organization.

In one scenario, several bots could attack from Eastern Europe — similar to the recent massive DDoS attacks against Ukraine. Instead of depending on the firewall to identify and combat each attack individually, a geofence with appropriate security policies could simply block the attacks from those geographical areas, regardless of the number of individual IP addresses that the attacker may utilize.

In addition to offering another layer of protection against DDoS and other malicious attacks, geofencing may also deliver efficiencies to local businesses by deflecting unnecessary digital traffic. A local contracting business that hosts its website through an on-premises server, for example, may not operate beyond a circumscribed geographical area. But without geofencing, unwanted Web-based traffic from distant locations could devour much of the company’s bandwidth, resulting in server-response slowdowns. In a case like this, an organization’s geofence can be set to filter selected geographical areas without completely blocking them so their bandwidth usage will be limited and the organization’s activities won’t experience slowdowns.

More organizations, of all sizes, are being exposed to DDoS and other kinds of attacks as they take advantage of the many benefits of cloud computing and on-demand delivery of IT resources over the Internet. But competitively priced solutions like geofencing can mitigate their risk.

Exit mobile version