Influential organizations and browsers such as Google, Facebook, PayPal and YouTube are already backing the move to HTML5 and the expansion into well-known media and browser outlets. HTML5 is a necessary transition for industries in need of a new method for content delivery.Itis revolutionizing the underlying structure of the web, as well as howcontent is being processed and presented. This revolution is bringing a wave of new functionalitiesincreasing online responsiveness, delivering richer media and allowing for disconnected operation. Whilethe delivery and development of applications is more streamlined, HTML5 alsocausesa well-known IT headache—security.
HTML5 – Don’t Fall Behind
HTML5 provides a rich, responsive and consistent web application environment, enabling trends such asimproved mobile access and dynamic cloud-based applications. New security challenges will undoubtedly arise as HTML5 expands the adaptability and reach of the web. Existing defense systems are unprepared for new malware accessibility brought by HTML5, such as unique malware channels that usecross-site delivery/communication, broader Javascript capabilities and WebSocket protocol as vehicles for delivery of infection.
Security solutionsneed toaddress new content packaging, transmission protocols and the increased number of outlets that are used for malware delivery. Organizationsbecomevulnerable to malicious codes that are delivered through this new channelwithout HTML5 network protection. According to Forrester Research, “firms are using more consumer-style Web applications… with 84% of firms increasing their use of Web applications.” Companies must regain control of the Internet and web infrastructure with a real-time,scalable solution that optimizes network performance and offers advanced“information scanning” techniques.
Sophisticated and Cost-Effective Solutions
New technologies likeDeep Content Inspection (DCI)maintain network security without disabling the benefits ofHTML5. Security risks vary from simple coded threats to advanced malware hidden in high volumes of traffic. DCI scans and understands the intent of all web content, protecting organizations from all levels of threats. This process ensures that security services remediate in-transit malware. A thorough DCI plan will mesh with the network and scan through content that is packed in both new and existing standards. With the capability of DCI,the ideal solution willprovide the end user with full protectionwhile removing themfrom the security equation altogether. As a result,the users’ computing devices are secured,no matter where the end user is andno matter what they click on.
WebSocket has recently become a significant and convenient feature for many organizations. With WebSocket, organizations can transmitdata for any application using any payload without well-formedHTTP or URL headers. Unfortunately, the convenience and ease of WebSocket simultaneously createsacourse for malware transmission. By implementing solutions that can conduct DCI to a WebSocketpayload, users will be safeguarded against malicious attacks. The appropriate solution will scan, extract and stop threats foundin a WebSocket protocol, protecting the transmission of data for any application.
Usability is the most important step in choosing asecurity solution. The selected security solution should producehigh-performance scanning throughput, preventing end user latency and bandwidth bottlenecks. A lagging system is unacceptable and ineffectivein the business world; a solution needs tosolve problems and not create them.
About the Author:
Dr. Hongwen Zhang is president and CEO of Wedge Networks, an innovative provider of remediation-based Deep Content Inspection for high-performance, network-based Web security. He holds a PhD in Computer Science from the University of Calgary; a MSc in Computer Engineering from the Institute of Computer Technology – Chinese Academy of Sciences (Beijing, PRC), and a Bachelor of Science in Computer Science from Fudan University (Shanghai, PRC). With more than two decades of high tech leadership experience, Dr. Zhang is a co-inventor and holder of several patents in the area of computing and networking.
