Q
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

How effective is geofencing technology as a security method?

Geofencing technology is increasingly being used as a security tactic, such as to control access to servers with DNS settings. Expert Michael Cobb explains how it works.

Using geofencing technology as a security tactic appears to be picking up steam. Why and where would someone want...

to geofence access to a server with their DNS settings?

A geofence is a virtual perimeter around a given geographic area that can provide an additional layer of access control to company resources, not just servers. When combined with other context-aware restrictions, like the time of day and the type of endpoint device, it increases the level of granular control administrators have over access rights. For example, the functionality and data access rights assigned to a mobile app can change automatically based on the device's location relative to geofence boundaries.

Using geofencing technology is also becoming a popular method for ensuring devices do not leave defined areas, like an office campus. If a device leaves a geofenced area, an app installed on the device can trigger various actions, such as sending real-time notifications of the device's whereabouts, encrypting data on the device or disabling sensitive functions.

Domain name system (DNS) geofencing filters can determine the country from which a device is trying to access a server or resource based on its IP address. IP databases and geo-IP applications, such as IP2Location, can identify a user's time zone, ISP and domain name, international direct dialing country code, area code and so on. When a request is received, the IP address is checked against a whitelist or blacklist of geographies to determine if the request should be granted or denied.

However, an attacker can easily mask or change their IP address using a proxy server, virtual private network or DNS service to make it look like they are accessing the internet from another location. But DNS filters can still be useful in situations where a server or resource should only allow access from specific, known IP addresses, such as a branch office or partner office.

Enterprises running networks with sensitive resources should consider upgrading to multifactor authentication products that provide context and constant behavioral checks, instead of relying solely on account credentials to authenticate users. Additional checks, such as IP reputation, geolocation and geo-velocity, make it harder for hackers to impersonate valid users.

While geofencing technology can provide innovative access control, it isn't perfect. Active geofences require an end user to opt in to location services and to allow a mobile app to be open. On certain devices, the GPS data can be spoofed; this means that, in order to be reliable as an enterprise security strategy, geofencing technology can't rely solely on GPS location data, but must use local Wi-Fi and Bluetooth beacons that cannot be spoofed.

Next Steps

Learn how using geofencing can improve your enterprise's security

Find out the best products and services for IT asset tracking

Read about using location-based services to reach out to customers

This was last published in May 2017

Dig Deeper on Data security strategies and governance

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

What company resources do you think are appropriate for geofencing?
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close