News Item

NCSC published factsheet on TLS interception

The NCSC has published the English version of its factsheet on considerations and preconditions for the deployment of TLS interception.

Published on May 02, 2018

© Copyright: Shutterstock

TLS interception makes encrypted connections within the network of an organisation accessible for inspection. The use of this technical measure should be carefully considered in the light of additional risks and should meet a number of important preconditions.

The reason for using TLS interception is that more and more internet services and connections use TLS encryption. This safeguards the integrity and confidentiality of the data transmitted and received. At the same time, it makes it more difficult for organizations to inspect internet traffic centrally in their network for malicious elements and confidential organizational data that leaves the organisation via the internet.

The NCSC recommends organizations to conduct a review of compliance with legal requirements, covering at least the processing of personal data. In addition, it is necessary to make a thorough assessment of the usefulness and necessity of applying TLS interception in the context of other security measures. The TLS proxy must securely establish encrypted connections and be integrated within other security measures. Finally, it is important to properly secure the TLS proxy itself, because it is an attractive target.

The factsheet can also be downloaded at https://www.ncsc.nl/english/current-topics/news/ncsc-publishes-factsheet-on-considerations-and-preconditions-for-the-deployment-of-tls-interception.html

 

 

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:

http://www.enisa.europa.eu/media/news-items/news-wires/RSS

PRs:

http://www.enisa.europa.eu/media/press-releases/press-releases/RSS

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information