Proper filtering system can minimize unproductive behaviour
Putting a web-connected computer on workers’ desktops offers them the world — a fantastic resource for knowledge and information, but also an irresistible magnet for non-productive, potentially damaging or illegal pursuits.
To counter that magnet, employers may want to consider tracking staff Internet usage. It can help deter improper Internet use and give the employer the ability to accurately quantify activities — such as online sports, shopping, banking and gambling — that could be helpful in discipline and termination (not to mention wrongful dismissal lawsuits). It could also reduce the cost of bandwidth charges employers incur if workers are, for example, streaming live audio or video all day long.
While many employers have Internet and computer policies, enforcement can be a challenge. The Internet continues to explode and the threats to business are increasing and changing. E-mails arrive every day enticing staff to click on freshly invented links. Malware, or malicious software, is brought into an organization when unsuspecting employees click on uncategorized URLs or download freebies unrelated to work.
To keep up with this onslaught, filtering products can do a reasonable job if they automatically scan incoming, unknown content and add those results to the filtering database on a continuous basis. Anything based on a fixed list can quickly become obsolete as scammers evolve new ways to circumvent blocking tools. A firewall provides some degree of security from outside hacking and may log activity, but it’s not doing much to keep employees focused on work and away from the problems mentioned.
Dedicated security products come in a wide range of features, strengths and platforms. Some are add-ons to existing proxy or caching servers, which can cause dependency and performance issues. More robust solutions include stand-alone applications meant to do that one job well. Newly emerging technology includes “in-the-cloud” applications that off-load the filtering task to a service provider outside the company’s network.
Most products are priced on a per-user and annual subscription basis because of the continual service of finding, categorizing and delivering thousands of new URLs to the filtering database. Timeliness and accuracy of that list are critical for effectiveness — one person’s health website is another person’s pornography. The URL control list is an ever-changing, hair-splitting exercise and no system is perfect. Legitimate sites will get blocked, so employers need a customizable, flexible system that allows delegated staff to easily unblock or reclassify items internally, on the fly.
Other features to consider in a purchase decision:
Administrative control and flexibility: Is everything automated? Can employers easily modify settings and unblock misclassified items, control what gets blocked and when, and delegate those responsibilities? Can policies be created to suit different user groups, such as allowing employees to do online banking for 15 minutes a day during lunch?
Scalability: Can the solution grow with the employer and with increasing Internet usage?
Portability: Are mobile workers covered? Installable modules for remote clients outside of the corporate network can tie these machines into the central filtering system.
Compatibility and integration: Does it mesh seamlessly with existing infrastructure and directory services? Can the technology be part of an integrated security gateway?
Reporting: Does it pinpoint problems and automatically deliver accurate summaries to the management desktop?
SSL and other proxy-based avoidance mechanisms: Can employers shut down these clever work-arounds or can hackers in the company drive a truck through the security holes?
Richard Procter looks after sales and support for APL Borealis, the Canadian distributor for network security products from ContentKeeper Technologies. He can be reached at (866) 888-6377 or [email protected].
Tips for employers
Upsides and downsides to filtering
Content-filtering applications can mitigate legal risks, increase the productivity of staff and protect the performance of the network, but there are some downsides.
Pros
Increasing productivity: The average employee with Internet access spends about six hours per week surfing non-business-related sites such as web e-mail, news, travel, shopping and social networking.
Protection from viruses, spyware and phishing attacks: Maverick use of the Internet internally leaves an organization vulnerable to the infections of malicious codes. Advanced filtering solutions can block such attacks from entering the network while reducing the amount of time IT spends “cleaning” the network and individual workstations.
Maximizing bandwidth performance: As users access sites such as YouTube, network bandwidth is used. If this use is not controlled, the network will operate at a slower rate, negatively affecting employees’ ability to conduct revenue-generating activities that depend on network connectivity.
Managing illegal or inappropriate content: The downloading, viewing or distributing of pornographic content using corporately owned equipment could result in a variety of legal issues, from internal harassment cases to criminal charges, depending on the nature of the content.
Individual monitoring or auditing: Communicating this level of transparency to the organization alone will usually change the working behaviour of staff. Having back-up data allows organizations to properly manage those who are abusing their Internet privileges.
Cons
Network latency: Nowadays, this negative connotation is basically a fallacy. Many filtering solutions have been enhanced to the point where little, if any, latency is encountered.
Employee resentment: As long as employers communicate the terms of an acceptable-use policy and make sure employees are aware their usage will be audited, there are seldom any issues.
“Over blocking”: Some filtering products block a website that should really be allowed, but more advanced filtering addresses this problem. The traditional way filtering vendors assign content categories to each URL is to have a team scour the Internet daily looking for new sites and categorizing them. While it has a high accuracy rate, this takes considerable time and resources to keep pace with new web pages posted and to monitor previously categorized pages. More advanced filtering providers use technology to review new web page content in real-time. Upon receiving notification of these new pages, the web page will be called, scanned and then categorized in milliseconds, with an average accuracy rating of 97 per cent or better.
