Many people know us for our disruptive model of delivering security, offering it as a highly scalable and globally available service. And, people are starting to talk about the powerful security we provide our customers by harnessing the collective wisdom of our vantage point on the Internet. But there’s a third tranche of OpenDNS that makes us different from the traditional enterprise security guys and it’s just as important as the first two.
In a world where security needs to be delivered 24×7, the approach we take to preserving privacy and providing transparency is of paramount importance.
The reason delivering security as a service is so transformative is that it’s the only way to adequately protect people when they are outside the office. The appliance model doesn’t work in a world where people take their laptops home, get infected, and bring the infection back to the office. And it’s useless when we’re talking about mobile devices accessing cloud applications, neither of which ever touch the corporate network. To be effective, security needs to be enabled anytime you do anything on the Internet, not just when you’re in the office.
But a world of 24×7 security has our customers and us asking a lot of important questions. In order for IT to effectively deliver the message that security has to happen whenever and wherever users work in order to be secure, they also need to be empowered to have discussions around transparency and privacy. Employees also want to know how they are being monitored, especially outside the office and on their own devices. And frankly, we couldn’t agree more and we put this into practice in our service.
Logging is an ideal example of this. While we always want users to be protected from threats, maybe logging what websites someone visits only needs to happen when the employee is physically in the office, where the organization needs to be conscious of liability concerns. What employees do at home may be their own business, and many of our customers tell us is the case. Heck, they don’t even want to know, but they still want them to be protected. So, we now offer Umbrella customers the ability to selectively determine what information is logged based on the device, group, location, policy, and a growing number of other contexts.
When our customers ask us: “Can I block malware all the time, but only log inappropriate websites when the user is in the office, and do all of this regardless of what device the person is using?” We’re proud to say that the answer is now a resounding yes.
And in addition to offering these features, we also think it’s important for the users themselves to be aware of when their traffic is being logged or not. As such, we’ve also added features to our roaming laptop client to display very clearly to users what policies are being applied regarding logging (and eventually we’ll allow IT admins to share more details on what policies are being enforced). Transparency can serve to build trust between IT admins and their users and turn security into a partnership, rather than a battle.
We have much more to say on the topics of privacy and transparency, much of which is being implemented in code in our products. Everyone wants to be secure, and we live in a world where people use devices for work and personal use, and we want to create the conduits to help people do that in a way that is safe, secure and transparent.
For more details on selective logging, watch the 3 minute video our product team created to show you how it works.