top of page

ISO 27001 Control 8.23: Web Filtering

Writer's picture: Alan ParkerAlan Parker

The Role of Web Filtering in Cybersecurity

In an increasingly connected world, access to external websites presents both opportunities and risks for organisations. Without proper controls, employees may inadvertently expose systems to malware, phishing attempts, and unauthorised content, leading to security breaches, data loss, and compliance violations.


Cybercriminals continuously evolve their techniques to exploit web vulnerabilities, making it imperative for organisations to establish robust web filtering mechanisms. Web filtering is a crucial security measure that helps manage access to external websites, ensuring that organisations reduce exposure to malicious content and prevent unauthorised access to web-based resources.


Beyond security, web filtering also supports compliance with industry regulations, improves workplace productivity, and reduces bandwidth consumption.


This article explores the principles of web filtering as outlined in ISO/IEC 27001, highlighting the importance of restricting access, establishing security policies, leveraging modern filtering technologies, and training personnel on safe web usage.



Purpose of Web Filtering


Web filtering plays a pivotal role in modern cybersecurity strategies by preventing threats and ensuring a secure working environment.


The key objectives of web filtering include:


  • Preventing Malware Infections – Blocking access to known malicious websites reduces the risk of system compromise and protects network integrity.

  • Reducing Phishing Attacks – Restricting access to phishing sites prevents employees from inadvertently exposing credentials and sensitive data.

  • Ensuring Regulatory Compliance – Enforcing web content restrictions helps organisations comply with industry standards such as GDPR, ISO 27001, and NIST.

  • Enhancing Productivity – Limiting access to non-business-related sites minimises distractions and ensures employees remain focused on work-related tasks.

  • Protecting Sensitive Data – Preventing access to high-risk websites mitigates the risk of data exfiltration, unauthorised uploads, and insider threats.

  • Reducing Bandwidth Consumption – Controlling access to bandwidth-heavy sites such as video streaming platforms can improve overall network performance.


Implementing Web Filtering Controls

To mitigate security risks, organisations should establish clear web filtering policies that define permissible and restricted website access.


Effective web filtering strategies should integrate various security controls, including:


Blocking High-Risk Websites


Organisations should prevent access to:


  • Websites with upload functions unless explicitly required for business purposes.

  • Known or suspected malicious websites that distribute malware and ransomware.

  • Command-and-control (C2) servers linked to cyberattacks.

  • Domains flagged by threat intelligence sources (ISO 27002:5.7).

  • Websites hosting illegal content or violating regulatory guidelines.

  • Sites with excessive tracking and intrusive advertisements that could lead to privacy violations.


Configuring Browser Security Settings

Many modern browsers include built-in security features that organisations should configure to enhance protection against web-based threats.


These settings should be adjusted to:


  • Automatically block access to unsecured or flagged websites.

  • Prevent users from bypassing security warnings.

  • Restrict downloads from untrusted or unknown sources.

  • Enforce HTTPS-only browsing to reduce exposure to man-in-the-middle (MitM) attacks.


Leveraging Advanced Web Filtering Technologies

Organisations can deploy a combination of security technologies to strengthen web filtering capabilities:


  • URL Filtering – Allowing or blocking access based on pre-approved website lists.

  • Category-Based Filtering – Restricting access to entire categories such as gambling, adult content, and social media.

  • Heuristic Analysis – Detecting and blocking emerging threats based on behavioural analysis of websites.

  • Cloud-Based Filtering Services – Leveraging real-time threat intelligence updates to enhance filtering accuracy.

  • AI-Powered Content Inspection – Using machine learning models to analyse and block suspicious web content in real time.


Establishing Organisational Rules for Web Access

Before deploying web filtering controls, organisations should define clear policies on the acceptable use of online resources.


These policies should address:


  • Restrictions on undesirable or inappropriate websites, aligned with business requirements.

  • Guidelines for using business-critical web-based applications securely.

  • Processes for requesting access to restricted content when required for legitimate business purposes.

  • Criteria for reviewing and updating web filtering rules based on evolving threats and organisational needs.


Web filtering policies should be regularly reviewed and updated to adapt to emerging threats and business requirements, ensuring continuous protection against cyber risks.


Employee Awareness and Training

Security awareness training is essential to ensure employees understand web filtering policies and their role in maintaining cybersecurity.


Training should cover:


  • Recognising phishing attempts and malicious websites.

  • Understanding and adhering to browser security warnings.

  • Reporting security concerns, suspicious websites, and policy violations.

  • Following proper procedures for requesting exceptions when access to blocked websites is necessary.

  • The risks of using unsecured public Wi-Fi and safe browsing best practices.


Educating personnel on secure web browsing practices reinforces security measures and minimises the risk of human error leading to security incidents.


Monitoring and Continuous Improvement

Effective web filtering requires continuous monitoring and adjustments to adapt to evolving cyber threats.


Organisations should:


  • Regularly update web filtering policies and blocked website lists based on threat intelligence reports.

  • Monitor employee web activity to detect anomalous access attempts.

  • Analyse security logs for potential violations or attempts to bypass web filtering controls.

  • Implement an incident response plan for addressing security breaches related to web access.


By actively monitoring and improving web filtering strategies, organisations can maintain a strong security posture and mitigate emerging threats effectively.


Conclusion

Web filtering is a critical component of an organisation’s cybersecurity strategy, providing a preventive layer of defence against malware, phishing, and unauthorised web content. By implementing strong web filtering policies, leveraging advanced security technologies, and training employees on secure browsing practices, organisations can significantly reduce cyber risks and ensure compliance with security standards.


A well-structured web filtering strategy not only protects organisational assets but also fosters a secure and productive digital environment. As cyber threats continue to evolve, organisations must adopt a proactive approach to web security through continuous monitoring, policy updates, and education. By doing so, they can create a safer online environment for employees while maintaining compliance and reducing exposure to cybersecurity risks.

Comentarios

About the author

Alan Parker is an IT consultant and project manager who specialises in IT governance, process implementation, and project delivery. With over 30 years of experience in the industry, Alan believes that simplifying complex challenges and avoiding pitfalls are key to successful IT management. He has led various IT teams and projects across multiple organisations, continually honing his expertise in ITIL and PRINCE2 methodologies. Alan holds a degree in Information Systems and has been recognised for his ability to deliver reliable and effective IT solutions. He lives in Berkshire, UK, with his family.

bottom of page