Sergey Nivens - Fotolia

How effective is geofencing technology as a security method?

Geofencing technology is increasingly being used as a security tactic, such as to control access to servers with DNS settings. Expert Michael Cobb explains how it works.

Using geofencing technology as a security tactic appears to be picking up steam. Why and where would someone want to geofence access to a server with their DNS settings?

A geofence is a virtual perimeter around a given geographic area that can provide an additional layer of access control to company resources, not just servers. When combined with other context-aware restrictions, like the time of day and the type of endpoint device, it increases the level of granular control administrators have over access rights. For example, the functionality and data access rights assigned to mobile applications can change automatically based on the device's location relative to geofence boundaries.

Using geofencing technology is also becoming a popular method for ensuring devices do not leave defined areas, like an office campus. If a device leaves a geofenced area, an application installed on the device can trigger various actions, such as sending real-time notifications of the device's whereabouts, encrypting data on the device or disabling sensitive functions.

Domain name system (DNS) geofencing filters can determine the country from which a tracked device is trying to access a server or resource based on its IP address. IP databases and geo-IP applications, such as IP2Location, can identify a user's time zone, ISP and domain name, international direct dialing country code, area code and so on. When a request is received, the IP address is checked against a whitelist or blacklist of geographies to determine if the request should be granted or denied.

However, an attacker can easily mask or change their IP address using a proxy server, virtual private network or DNS service to make it look like they are accessing the internet from another location. But DNS filters can still be useful in situations where a server or resource should only allow access from specific, known IP addresses, such as a branch office or partner office.

Enterprises running networks with sensitive resources should consider upgrading to multifactor authentication products that provide context and constant behavioral checks, instead of relying solely on account credentials to authenticate users. Additional checks, such as IP reputation, geolocation and geo-velocity, make it harder for hackers to impersonate valid users.

While geofencing technology can provide innovative access control, it isn't perfect. Active geofences require an end user to opt in to location services and to allow a mobile app to be open. On certain tracked devices, the GPS data can be spoofed; this means that, in order to be reliable as an enterprise security strategy, geofencing technology can't rely solely on GPS location data, but must use local Wi-Fi and Bluetooth beacons that cannot be spoofed.

Next Steps

Learn how using geofencing can improve your enterprise's security

Find out the best products and services for IT asset tracking

Read about using location-based services to reach out to customers

Dig Deeper on Data security and privacy

Networking
CIO
Enterprise Desktop
Cloud Computing
ComputerWeekly.com
Close