Using geofencing technology as a security tactic appears to be picking up steam. Why and where would someone want...
to geofence access to a server with their DNS settings?
A geofence is a virtual perimeter around a given geographic area that can provide an additional layer of access control to company resources, not just servers. When combined with other context-aware restrictions, like the time of day and the type of endpoint device, it increases the level of granular control administrators have over access rights. For example, the functionality and data access rights assigned to mobile applications can change automatically based on the device's location relative to geofence boundaries.
Using geofencing technology is also becoming a popular method for ensuring devices do not leave defined areas, like an office campus. If a device leaves a geofenced area, an application installed on the device can trigger various actions, such as sending real-time notifications of the device's whereabouts, encrypting data on the device or disabling sensitive functions.
Domain name system (DNS) geofencing filters can determine the country from which a tracked device is trying to access a server or resource based on its IP address. IP databases and geo-IP applications, such as IP2Location, can identify a user's time zone, ISP and domain name, international direct dialing country code, area code and so on. When a request is received, the IP address is checked against a whitelist or blacklist of geographies to determine if the request should be granted or denied.
However, an attacker can easily mask or change their IP address using a proxy server, virtual private network or DNS service to make it look like they are accessing the internet from another location. But DNS filters can still be useful in situations where a server or resource should only allow access from specific, known IP addresses, such as a branch office or partner office.
Enterprises running networks with sensitive resources should consider upgrading to multifactor authentication products that provide context and constant behavioral checks, instead of relying solely on account credentials to authenticate users. Additional checks, such as IP reputation, geolocation and geo-velocity, make it harder for hackers to impersonate valid users.
While geofencing technology can provide innovative access control, it isn't perfect. Active geofences require an end user to opt in to location services and to allow a mobile app to be open. On certain tracked devices, the GPS data can be spoofed; this means that, in order to be reliable as an enterprise security strategy, geofencing technology can't rely solely on GPS location data, but must use local Wi-Fi and Bluetooth beacons that cannot be spoofed.
Learn how using geofencing can improve your enterprise's security
Find out the best products and services for IT asset tracking
Read about using location-based services to reach out to customers
Dig Deeper on Data security strategies and governance
Related Q&A from Michael Cobb
An ad network used domain generation algorithms to bypass ad blockers and launch cryptomining malware. Expert Michael Cobb explains how and the best ... Continue Reading
Researchers at Duo Security discovered a SAML vulnerability that enabled attackers to dupe single sign-on systems. Expert Michael Cobb explains how ... Continue Reading
Hackers were able to exploit a Telegram vulnerability to launch cryptomining malware. Expert Michael Cobb explains how they were able to do so and ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.