insider threats

What is Geo IP—and Do You Need It?

If the COVID-19 pandemic has taught us anything, it’s that cybersecurity matters. The shift to remote work followed by an increase in sensitive data circulating on the web has exposed business networks to cyberattacks at the same time as the attacks themselves grew more sophisticated. As a result, global losses from cybercrime shot up to nearly $1 trillion in 2020, nearly doubling the $500 Million lost in 2018. Today, only weak leaders operate under the motto “this won’t happen to me.” 

Any business committed to securing its data from prying eyes should put together a cybersecurity toolkit that should include email security protocols and an advanced anti-virus, among other tools. One other important instrument to consider adding to this toolkit is the GeoIP filtering. As the name implies, this technology can block access to your network for entire countries, regions, or IP addresses from certain locations. Is GeoIP a good idea? Let’s find out. 


Who Should Use GeoIP? 

While blocking entire countries from your network may mildly resemble taking a sled hammer to a fly, for many U.S.-based businesses this may not be a bad idea after all. Facts speak clearly: the absolute majority of cyberattacks originate in one of three countries: Russia, China, or Brazil. The most straightforward solution, then, is to cut traffic from those countries off from your network and sleep soundly ever after. 

That is unless your business does work with some foreign countries or hosts its servers abroad. In that case, you will need to conduct a more in-depth investigation of the server location for you and your foreign partners. Luckily, a good GeoIP solution will allow you to whitelist specific IP-addresses or locations while still blocking non-approved ones. 

It is also worth noting that many foreign countries hurry to block traffic from the U.S. As it turns out, many hackers reside right next door.     


Who Doesn’t Need GeoIP? 

As we found out, a business that operates solely within the U.S. would rip the most benefits from a strong GeoIP protocol. On the contrary, if a business does most of its business abroad, this business will need to more thoughtful GeoIP setup that will include black and white lists of IP addresses, and even then may only marginally benefit from GeoIP. 

Another growing group of businesses that should use GeoIP with deeper consideration includes businesses that leverage cloud infrastructure for their daily operations. This would include virtual offices, cloud computing, and managed services. The reason for this is that many cloud providers such as Amazon Web Services (AWS) and Microsoft Aruze are global with datacenters spanning the world. For instance, AWS has three data centers in China and one in Brazil, while Azure servers are located in four regions of China and two regions of Brasil. If you just go off the list of the top cyber offenders for the GeoIP settings, you may be risking locking yourself out of your data. 

All in all, GeoIP is a powerful addition to your cybersecurity toolkit, but not a replacement for all the other tools. If you have a choice, in most cases it is better to have GeoIP filtering turned ‘on’ rather than ‘off.’ That being said, unless your company is one of the few who do business and host their data exclusively in the U.S., it is not recommended to DIY the set up on GeoIP to avoid issues with access by remote employees and partners. Talk to your trusted IT expert at 3nom today about GeoIP and the entire cybersecurity toolkit built around your goals and the way you do business. 

Improve Your Productivity

Subscribe to learn more