Comment By definition a proxy is a MITM (Score 1) 572
A proxy is am MITM because it terminates your request for a website, makes its own request to that website then once it receives the content from said website, delivers it to you.An SSL proxy does the same thing for HTTPS based content. It should not be a surprise that corporate devices trust the certificates signed by corporate proxy.
There are many reasons for implementing an SSL Proxy, the primary reason is security. Web-based malware has transitioned almost exclusively to delivery over HTTPS. If the corporation is not inspecting HTTPS traffic for malicious code, then they are ignoring a significant portion of their web traffic, upwards of 40% and growing. This means no URL Filtering, Malware Scanning, Intrusion Prevention or other security measures are applied to almost half of all web traffic.
Still sticking with the security angle is outbound security, whether it is Data Loss Prevention, Botnet Command and Control or other exiting traffic that the company wishes to prevent, you are still only seeing about half of it without SSL inspection.
Typically, SSL proxies have the ability to control what sessions are decrypted and which ones aren't. This is usually tied to a URL Filtering package that identifies the category of website being requested based on URL or URI. Then policy is designed so that requests for banking and health care sites don't get decrypted.
Many security conscious companies do use SSL proxies and unfortunately, many do not. The ones that don't occasionally make the headlines, like Target and Adobe did recently. Sadly for them it wasn't for record breaking profits, it was because of mandatory breach disclosure laws and a security perimeter that is only about 50% effective. While this was bad for Target, it was also bad for the tens of thousands of Target customers who had their private information leaked. And Adobe lost 40Gigs of proprietary source code as well as customer data.
So, if you work for a company that does use SSL proxies, you can be pretty sure the purpose and intent is not to spy on YOU the employee, but to make sure that the company is doing everything it can to protect itself, its customers and even YOU its employee from the criminals who seek to steal information like credit card data, social security numbers, intellectual property and other private data.
There are many reasons for implementing an SSL Proxy, the primary reason is security. Web-based malware has transitioned almost exclusively to delivery over HTTPS. If the corporation is not inspecting HTTPS traffic for malicious code, then they are ignoring a significant portion of their web traffic, upwards of 40% and growing. This means no URL Filtering, Malware Scanning, Intrusion Prevention or other security measures are applied to almost half of all web traffic.
Still sticking with the security angle is outbound security, whether it is Data Loss Prevention, Botnet Command and Control or other exiting traffic that the company wishes to prevent, you are still only seeing about half of it without SSL inspection.
Typically, SSL proxies have the ability to control what sessions are decrypted and which ones aren't. This is usually tied to a URL Filtering package that identifies the category of website being requested based on URL or URI. Then policy is designed so that requests for banking and health care sites don't get decrypted.
Many security conscious companies do use SSL proxies and unfortunately, many do not. The ones that don't occasionally make the headlines, like Target and Adobe did recently. Sadly for them it wasn't for record breaking profits, it was because of mandatory breach disclosure laws and a security perimeter that is only about 50% effective. While this was bad for Target, it was also bad for the tens of thousands of Target customers who had their private information leaked. And Adobe lost 40Gigs of proprietary source code as well as customer data.
So, if you work for a company that does use SSL proxies, you can be pretty sure the purpose and intent is not to spy on YOU the employee, but to make sure that the company is doing everything it can to protect itself, its customers and even YOU its employee from the criminals who seek to steal information like credit card data, social security numbers, intellectual property and other private data.