Today, the internet is a tool for navigating the world more easily. It’s also an inseparable part of most people's jobs. The internet helps us find and share information, relax, and understand many topics. But as with many good things, the internet has a dark side.Â
Bad actors exploit the benefits the online world gives society, and thus, we must protect against such risks. Businesses need to be aware of the threats that lurk on the internet and find ways to battle them.
Domain Name System (DNS) filtering is one of the most effective ways to prevent unwanted content. Companies employ this feature to minimize the potential of online risks. As a side-effect, this even helps improve employee productivity.
NordLayer has researched how their client companies use DNS filtering functionality. For example, organizations tend to block access to manga or underwear websites more than social networks. This report will reveal exciting findings that suggest best practices your company could try out, too. So, let’s go!
About the research
The statistics mentioned below were acquired by analyzing aggregated data gathered by NordLayer’s DNS filtering service in February of 2024. No identifiable business or user information was collected, reviewed, or otherwise involved when the research and compiled results were conducted.
Category statistics in the research contain 54 varieties. The report overviews data from the main markets by country and continent.
What is DNS filtering
DNS filtering is like having a selective gatekeeper for your internet browsing.Â
Imagine you're trying to get to a party (a website) in a big city (the internet). Instead of navigating through complex streets (IP addresses), you tell your driver (the DNS) the party's name (domain name), like NordLayer.com.Â
Now, imagine some parties aren't safe to attend for various reasons. They might be hosting shady characters (malicious websites) or engaging in activities you'd rather avoid (harmful/inappropriate content).Â
DNS filtering steps in as a responsible friend who advises you on which parties are safe and match your preferences, blocking the risky ones and guiding you to secure enjoyable destinations.
Or, put it shortly:
Click to tweetDNS filtering is a security method that uses the DNS to block access to harmful or unsuitable-for-work websites. It acts as an internet filter, screening websites against set security policies or categories to prevent exposure to threats like malware or phishing.
For businesses, DNS filtering becomes a powerful tool. Managers can set rules on what types of websites employees can visit during work hours on company-managed networks.
By doing so, they enhance the security of company data and protect employees from stumbling into digital pitfalls like phishing websites. It's a smart way to ensure the online environment is not only productive but also safe from threats lurking around the internet's corners.
Most common online threats DNS filtering prevents
DNS filtering helps mitigate the exposure to risks users face while browsing the internet. It includes viruses, spyware and malware, various types of phishing attacks, botnet-escalated threats, and more.
Malware. Malicious software, including viruses, worms, Trojans, and ransomware, can cause significant damage to systems or networks. DNS filtering stops these threats by preventing access to websites that distribute malware.
Botnets. Networks of infected devices can be remotely controlled to launch attacks. DNS filtering can disrupt the communication between these devices and command-and-control servers, mitigating the threat.
Adware. Often annoying and potentially harmful software that displays unwanted ads. DNS filtering can prevent access to adware-distributing sites, enhancing user experience and security.
Viruses. They are malicious programs designed to infect and damage computers and networks. DNS filtering prevents access to websites known for distributing viruses, thus reducing the risk of infections and safeguarding system integrity.
Spyware. Software that secretly monitors and gathers information from individuals or organizations. By blocking sites known to distribute spyware, DNS filtering helps protect privacy and sensitive data.
Overview of DNS categories
First, let’s overview DNS categories. Grouping these categories will help us better see the tendencies of what types of sites are considered to be malicious or at least avoidable. The goal here is to create clusters that share a common theme or purpose, making it easier to manage preferences or restrictions based on user needs, security protocols, or compliance requirements.
By grouping these categories, we create a framework that aids in designing more nuanced and effective DNS filtering strategies, ensuring a balance between user freedom and network security, compliance, or productivity goals. This approach highlights the diversity of online content and the complexities involved in managing internet access responsibly.
Restricted websites: which categories get blocked the most?
Let’s uncover the digital no-go zones together. From shadowy corners harboring malware to tempting and time-sinking entertainment sites like 9GAG and BuzzFeed, we'll explore the top categories that companies across the globe consistently consider too risky or distracting for open access.
Trends of blocking DNS categories
The top 10 DNS-blocked categories offer a revealing glimpse into the primary concerns that motivate organizations to filter internet content. Here’s a breakdown, highlighting what each category suggests about current priorities in network security and content management:
1. Malware (72%): reflects the universal concern for protecting networks and devices from malicious software designed to damage or exploit them.
2. Adult content (72%): indicates efforts to maintain a professional work environment, comply with workplace policies, and possibly avoid legal issues related to inappropriate content access.
Click to tweetIn a recent NordVPN study related to the Threat Protection tool, it was discovered that adult content sites hide the biggest amount of malware. Thus, blocking this type of content mitigates a huge risk for businesses.
Read more about the research and explore more interesting findings.
3. Phishing (70%): underlines the emphasis on safeguarding sensitive information against deceitful attempts to obtain it through fraudulent websites.
4. Illegal or unethical (56%): shows the commitment to corporate ethics and legality, blocking access to content that could harm the company's legal standing or moral integrity.
5. Cryptojacking (54%): highlights the growing concern over unauthorized cryptocurrency mining, which can significantly drain network and device resources.
6. DDoS-as-a-Service (51%): reflects awareness of the threat posed by services offering to disrupt networks through Distributed Denial of Service (DDoS) attacks, emphasizing the need for preventive measures.
7-8. Repeatedly infected websites (44%) and Stalkerware (44%): these categories signal an understanding of the ongoing risks associated with websites known for recurrent malware issues and software that covertly monitors users, stressing continuous vigilance.
9. Hacking (43%) points to the necessity of blocking access to sites that could serve as gateways to hacking tools or knowledge, protecting against unauthorized access or data breaches.
10. Gambling (43%): suggests an effort to prevent potential legal and productivity issues related to gambling, which can also be a source of financial fraud and addiction among employees.
These insights highlight a strategic approach to DNS filtering, balancing between defense against security threats, compliance with legal and ethical standards, and the promotion of a focused and safe work environment.Â
The prevalence of security-related categories (like malware, phishing, and hacking) alongside those aimed at maintaining workplace standards (such as blocking adult content and gambling) shows a comprehensive effort to mitigate risks and support corporate values.
The landscape of DNS blocking reveals a clear prioritization among organizations, with the most blocked categories—malware, adult content, and phishing—highlighting a strong focus on security and maintaining a professional workplace environment.Â
Despite maintaining a professional environment, the biggest focus remains on blocking cyber-attack-affiliated content. 7 categories in the top 10 are related to malicious activities of a third party. Here’s why it’s so important:
In 2022, the digital threat landscape continued to evolve at an alarming rate, with cybercriminals launching 5.5 billion malware attacks using emails and websites as their primary weapons. Fast forward to 2023, and the sophistication of these attacks has only intensified.Â
Artificial intelligence (AI) now aids in crafting phishing emails so convincingly that 65% of users were tricked into disclosing personal information.Â
The closing quarter of 2023 witnessed a surge in hacking activities, culminating in data breaches that exposed over 8 million records globally, underscoring the relentless efforts of cybercriminals.Â
Meanwhile, in 2022, EMEA led with over 35% of spyware (stalkerware) detection, North America followed with 25%, and the Asia-Pacific region accounted for 20%.
By the second quarter of 2023, the threat had diversified further, with around 1.28 million infected sites identified, showcasing the ever-expanding arsenal of cybercriminal tactics.Â
The accessibility of DDoS attacks as a service was highlighted by the startlingly low cost of USD 750 for month-long assaults on unprotected websites, revealing a commercial or business-oriented aspect of cyber warfare.
Cryptojacking attempts, nearly reaching 140 million in 2022, illustrated another aspect of this complex threat, with attackers secretly harnessing victims' computing power for cryptocurrency mining.
The research suggests that blocking these categories of websites is a critical component of an organization's cybersecurity strategy. It helps safeguard the network, protect sensitive data, and ensure the smooth operation of business processes by mitigating risks before they can manifest.
Minimizing distraction, increasing productivity
The percentages of companies blocking various categories provide a fascinating snapshot of the priorities and concerns of modern businesses regarding internet usage. Here's a deeper dive into what these figures might reveal:
Dating sites (30%): this is the most blocked category, indicating a widespread concern among companies about the personal use of company resources and potential distractions. It also highlights efforts to maintain professionalism and focus in the workplace.
Bitcoin (22%): blocking cryptocurrency sites, particularly Bitcoin, reflects concerns over security risks associated with cryptocurrency transactions and the potential for these sites to be linked with illegal activities. Additionally, it suggests an effort to prevent employees from engaging in speculative, non-work-related activities.
VPN (21%): companies restricting VPN services are likely to prevent employees from bypassing network security measures and accessing restricted content. This emphasizes the importance of controlling network traffic and maintaining security protocols.
Games (19%): blocking gaming sites indicates recognition of the productivity drain these sites can cause. It's a move to minimize distractions and ensure employees remain focused on their responsibilities.
Astrology (15%): while it might seem surprising to see astrology websites blocked more frequently than social networks, this decision could stem from a desire to limit access to content considered unscientific or a distraction from work.
Social networks (7%): interestingly, social networks are the least blocked category among those listed, suggesting a nuanced approach by companies towards these platforms. This lower percentage may reflect the recognition of social media's role in professional networking, marketing, and communication strategies, balancing the potential for distraction against the benefits of connectivity.
These trends recognize the evolving role of technology and the internet in the professional landscape while safeguarding company assets and fostering a focused work environment.
DNS filtering differences by regions
Despite various available DNS categories, companies block 10 different types of online content on average. In Asia, we see a more restrictive approach than in Europe and North America. Each region adapts its approach to DNS filtering to meet its unique challenges and objectives best.
The variance in DNS categories blocked between companies in Europe and North America versus Asia likely boils down to four main factors:
Regulatory differences. Asian countries often have stricter internet regulations, requiring more categories to be blocked for compliance. In contrast, European and North American regulations may allow for more freedom online, resulting in fewer restrictions.
Cultural norms. Asian companies might block more categories to align with conservative societal values. In contrast, Western regions may adopt a more liberal stance, focusing on blocking only for security, legal, or productivity reasons.
Cybersecurity threats. A different cybersecurity threat landscape could influence the decision to block more categories in Asia, requiring broader preventive measures than the targeted strategies in Europe and North America.
Work culture and business practices. Asian workplaces often emphasize a strict separation between work and personal life, leading to more extensive blocking to maintain productivity. Western companies might encourage a balance, needing fewer content restrictions.
Looking at North American, European, and Asian markets, we can see that Western regions equally consider malware as their top priority for blocking, while Eastern regions prioritize blocking illegal or unethical content. Adult content like pornography sites and explicit content is the overall second pick, with Europe leading the group.
The approach to blocking DNS categories varies across North America, Europe, and Asia, reflecting each region's unique cybersecurity landscape and cultural nuances.
Malicious websites are a top concern worldwide, with North America leading slightly in terms of proactive blocking measures. This consensus underscores a global recognition of the threats posed by malicious sites, with regional adjustments based on specific cyber landscapes and regulations.
The handling of adult content varies, with Europe's slightly higher blocking rate likely indicative of its stringent content regulations. North America and Asia also prioritize this category, revealing a common aim to maintain a secure online environment.
Phishing attacks are universally combated, showcasing the necessity of robust defenses against this widespread threat. North America's marginally higher blocking rate highlights the persistent challenge phishing poses across regions.
Asia stands out for its markedly higher blocking of illegal/unethical content and services like DDoS-as-a-Service and gambling, reflecting its strict legal and cultural frameworks. The lack of emphasis on hacking in Europe suggests a different focus or reliance on alternative defensive tactics.
Stalkerware and repeatedly infected sites show varied attention, pointing to regional differences in perceived threat levels. Europe's unique focus on drugs aligns with its specific policies, while Asia's concern for cryptocurrencies and dating sites highlights regional security and social considerations.
Importance of proactive online security
DNS filtering serves three pivotal roles in managing online interactions: security, compliance, and productivity. Each role focuses on a distinct goal, but all link to the idea of controlling access to certain types of online content.
Security: preventing malicious or NSFW activity
At its core, DNS filtering is about keeping users safe from harmful content. This includes blocking access to websites known for phishing, malware distribution, or those hosting adult content unsuitable for all audiences.Â
The aim is straightforward: to protect users from threats that could compromise their personal information and device integrity or expose them to inappropriate content. DNS filtering acts as a first line of defense against numerous online security threats by preventing access to these sites.
Compliance: blocking content for device and network security
Compliance takes the security concept a step further by enforcing specific regulatory or policy requirements. This might involve blocking access to illegal download sites to comply with copyright laws or restricting gambling sites to adhere to corporate policies or legal frameworks.Â
DNS filtering for compliance ensures that the organization and its users operate within the bounds of legal and ethical standards, thereby protecting the organization from legal issues and maintaining its reputation.
Productivity: limiting personal matters
The third pillar focuses on enhancing productivity by limiting access to websites unrelated to work or the task at hand. This includes social media platforms, video streaming sites, and other distracting websites that can significantly reduce productivity to stay focused.Â
By restricting access to these sites during work hours, DNS filtering helps organizations ensure that their resources are utilized efficiently and that employees remain focused on their responsibilities.
Network performance: enhancing internet speed optimization
A critical yet often overlooked aspect of DNS filtering is its role in optimizing network performance and internet speed. This optimization process involves restricting access to high-bandwidth websites.
Video streaming services, file-sharing platforms, and large-scale download sites can significantly consume excessive amounts of internet bandwidth. When left unchecked, these activities can greatly degrade network speeds, impacting the individual's productivity and overall organizational efficiency.
Each direction serves a specific purpose, yet they all share the common goal of optimizing the online environment according to the organization's needs.
Why choose NordLayer DNS filtering service?
Choosing NordLayer's DNS filtering service offers organizations a suite of powerful benefits designed to enhance their network security, improve productivity, and ensure a safer online environment for all users.Â
Here's why NordLayer stands out as a preferred option for DNS filtering:
NordLayer's DNS filtering service offers a comprehensive solution that addresses key organizational needs—from security and productivity to compliance and ease of management.
Click to tweetTo keep up with the pace of the evolving internet pitfalls, NordLayer will soon introduce DNS filtering powered by machine learning. What does it mean? Our patented technology makes DNS filtering dynamic. It means that the database is constantly growing, learning, and updating itself.
Its blend of advanced features, customization options, and reliable performance makes it an ideal choice for businesses looking to strengthen their network security and operational efficiency.
How to block employees from accessing websites
Already have NordLayer but didn’t enable the content filtering feature? Here’s how to do it:
1. Go to Control Panel → Network → Servers or Gateways. Choose the dedicated server, click Configure next to it, and select DNS Filtering by Category (Beta) from the dropdown menu.
2. In the request form, select which categories you want to filter. With NordLayer, you can currently choose from 53 DNS categories to block (find the list below).
3. Once you’re done, click on Request DNS Filtering by Category. Please allow up to 24 hours for the feature to be enabled. You will get an email with the confirmation once it’s ready.
