Bitdefender BOX Technology Teardown – Sensitive Data Protection
We know technology can sound overwhelming, particularly when it comes to cybersecurity. So we strive to make it accessible and controllable at the press of a button. This article – part of a series – aims to explain several of the innovative Bitdefender technologies that constitute the building blocks of Bitdefender BOX.
The Internet is designed, right from its inception as a military project, as an extremely robust communication network. Sever one part of it and the rest can still send messages, as networking equipment can discover and use new routes for traffic.
While this resilience allows the Internet to continuously reconfigure itself and avoid bottlenecks, it comes with a huge privacy risk: you don’t control the path your data takes to its destination. As it flows from one computer to another, unencrypted data becomes vulnerable to eavesdropping and tampering.
This is why, for years, large internet corporations and service providers have advocated the adoption of end-to-end encryption technologies that “scramble” the content as it leaves the user’s browser towards its final destination. This helps users cloak important information such as usernames and passwords, credit card data and other sensitive content that might be susceptible to eavesdropping.
But the Internet is encrypted!
At this point, almost 80% of Internet traffic is encrypted between communicating parties. While this is dramatically better than several years ago, anything below 100% is unfortunately not enough. The remaining 20% of websites a user might connect to would actively leak login data or credit card information to anyone listening in on the network, particularly on public Wi-Fi.
Blissfully unaware of this threat, device users continue to send unencrypted data to servers that do not provide a secure (HTTPS) connection. This is where the Sensitive Data Protection technology in Bitdefender BOX comes in.
Bitdefender BOX scans your traffic for tell-tale signs of danger. Malware, phishing or fraudulent web pages are blocked on the fly before they reach the device. Similarly, Bitdefender BOX monitors for sensitive data sent unencrypted to websites.
Passwords, credit card data and social security numbers submitted through web forms are blocked before they reach the network and the user receives a notification about the issue. This prevents the user from inadvertently leaking out data in plain text.
And it’s not just users who leak their data while attempting to connect to unsecure (HTTP only) websites. Many IoT devices communicate with cloud-based infrastructure via plain text to avoid the small overhead encryption would incur. Webcams and NAS boxes sending their credentials to the cloud in plain text during authentication, or even transmitting live feeds of data from the premises, can leave the information vulnerable to interception.
So, next time your Bitdefender BOX tells you that it has stopped a device from sending unencrypted private data, know that your credentials could have landed into the wrong hands without you even knowing about it.Bitdefender Bitdefender BOX Sensitive data Protection