March 10, 2005 at 4:51 am #2177039
Monitoring/Filtering Internet Usage
by matthew moran · about 17 years, 2 months ago
I have been asked to write an article on how and why companies monitor and filter Internet Usage for employees. While I have my list of reasons and tools, I would love independent input on what you use and the business objectives. The article is for a non-technical, management-directed publication.
What software or service have you found effective?
What are you monitoring and why?
Have you quantified its effectiveness? (the monitoring)
Have you had or heard of any nightmare stories?
What, if anything, is lacking in this area?
Do you notify the users of the monitoring?
Any other info you would like to share is perfectly fine.
The IT Career Builder’s Toolkit
Career advice with attitude. Notes From The Toolshed:
http://blogs.ittoolbox.com/pm/career
March 10, 2005 at 5:04 am #3332275
Our reasons for Monitoring
by tabkey · about 17 years, 2 months ago
In reply to Monitoring/Filtering Internet Usage
The web-based threats facing organisations today are growing in number, complexity, and cost to organisations. Security products such as antivirus and firewalls play a significant role in combating these security threats; however, they have inherent time and technology gaps that leave organizations vulnerable. A monitoring suite complements existing security products to create a comprehensive security solution that protects your organization from web-based threats – both internal and external to your network.
Monitoring suites provide an integrated web security solution, which blocks Spyware, malicious mobile code (MMC), and other web-based threats, as well as Spyware and key logging transmissions back to their host sites. It also protects employees from phishing and controls the sending and receiving of instant messaging (IM) clients. The Monitoring suite provides real-time security updates for immediate protection from new security threats and includes robust reporting and analysis tools that provide organizations with complete information on user access to fraudulent sites or vulnerability to malicious code.
Loss of Productivity
Circulation of an Internet access usage policy (IAUP) is not enough to stem most forms of Internet access abuse. It is merely providing a basis for communicating with employees whenever policy violations lead to the need for corrective action. Like any rule that is unenforceable, due to resource limitations, Internet access policies that are not backed up by proactive monitoring and access control measures will quickly become hollow pronouncements – losing both the ability to effectively guide users' behaviour and to protect the organisation from liability. Therefore, the organisation must turn to the dual strategy of publishing clear IAUPs combined with installation of comprehensive, precision Internet access control over user's Web related activities.
Providing employees with Internet access, we expect that there will be some small amount of "personal use" – a traditional issue as for allowing some "reasonable" amount of personal calls using company telephones. In practice, however, the Internet poses a more sweeping opportunity for abuse. For example, an employee's Web browsing for a quick ad hoc purchase may seem harmless enough on the surface, but what about when the lure of the Web draws that same employee to expand their activities to more and more purchases, leading to financial difficulties? Or even enabling employees' access to place lottery numbers online, they get hooked on the online "Scratch cards" or indeed digress to more hardcore gambling sites and find themselves in financial difficulties.
The Internet is such, as most of us have discovered from time to time in our home-based browsing, that it's very easy to start off with a single objective and then, through the magic mix of hyperlinks and human curiosity, we find ourselves exploring interesting new areas that we had never previously considered. To a significant extent, it is exactly that "unlimited diversity at your fingertips" phenomenon that makes the Internet so compelling for millions of users. Curiosity that leads to users losing track of time, "I was only on line for a couple of minutes!" when actually they have been "Surfing" for around an hour.
Drain on Computing Resources and Bandwidth
Left unchecked, even a small amount of Internet abuse by only a few employees can easily turn into a widespread pattern of abuse, making it the norm. In certain situations, the misuse of web browsing privileges can actually become a self-reinforcing social phenomenon in which even those employees who would not typically flaunt the rules eventually also succumb to the "everybody's doing it" attitude. Besides the loss of productivity for the employees that are directly abusing their Internet access privileges, another major concern involves the ripple effects of clogged bandwidth, degraded system performance and over-consumption of finite computing resources that can indirectly reduce the productivity of other non-abusing employees.
Legal Liability Risks
Although enlightened management practices have virtually eliminated yesterday's common practice of posting sexually oriented pictures on the walls of businesses, many employees tend to think that the fleeting exposure of a similarly offensive picture on a computer screen is somehow not a problem. However, the courts have consistently held that the presence of Internet-related sexual content in the workplace does meet the definition of harassment and that the employer's failure to take appropriate preventative measures does constitute a violation of employees' rights. For example, an employee opens e-mail from a colleague that contains adult content; any person with the screen in view is then subjected to the content of the email.
The number of compensation claims has been rising in the workplace and it has had to become more politically correct. Rarely will employees engage in the same "offensive" conduct that was commonplace just a few years ago. As a result, potential claimants have had to look elsewhere for "smoking guns" to prove their cases, many finding them with the increased presence of the Internet in the workplace.
Few employees would believe that their seemingly innocent "surfing" could expose their employers to vast liabilities. Though it is this improper use of the Internet that is now the smoking "e-gun" of current claimants. To these complainants, there is nothing better than walking into court with a piece of paper illustrating a discriminatory statement, joke or picture downloaded from the Internet and sent through e-mail.
Technology Issues in Monitoring and Enforcement
However, like any rule that is not enforced, Internet access policies that are not backed up by proactive monitoring and access control measures will quickly become hollow statements – losing both the ability to effectively guide users' behaviour and to protect the organisation from liability.
Early attempts at Internet access control focused primarily on filtering based upon keywords as the means to identify objectionable or inappropriate content. This method entailed scanning text on web pages received and matching them against lists of "bad" keywords. Given that many words can only be judged in context, these solutions had an impossible balancing act between filtering out too little or too much material. Besides the issue of inaccuracy, these keyword-based solutions didn't protect companies or users from access to other forms of inappropriate Internet content, such as pornographic images or graphics.
Major improvements have been made with the introduction of solutions that monitor and/or block access based upon the Web site being requested. "Human" operators who work for the solution provider have a chance to make the call before placing a site in a blocked category list; most of the uncertainty and inaccuracy associated with the keyword approach is eliminated. With this approach, when a user clicks on a link or enters a Web site address, it is matched against a database of inappropriate sites. If the requested site is found on the list of blocked sites, the user is presented with a message stating that access to this site is contrary to company policy and who to contact if they think they have a legitimate reason for accessing that site.
Given the dynamic and explosive nature of the Internet, with thousands of new sites going online every day, this type of approach is only viable when coupled with a subscription service that continually provides updates for the database of inappropriate sites, preferably on a daily basis. And to ensure that the updates are applied as they are delivered, the filtering tool used should allow for automatic refresh of the database. Like a virus checker without the latest virus definitions applied, protection rapidly diminishes. Daily updates need to be delivered and applied over the Internet for the best protection and to save administrators a great deal of effort.
Finally, in order to be truly effective, Internet access management technology must not only be accurate, dynamic, automatic, customisable and comprehensive, but affordable, transparent to the installed network hardware and software, easy to set up and maintain, non-performance degrading and scalable enough to grow within the IT environment.
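Added example, not part of the post above and not any vendor's code: a side-by-side sketch of the two filtering approaches the post describes, keyword scanning of page text versus lookup of the requested site in a category database, including a check that the database has had its daily update. The keyword list, host names, categories, dates, block message wording and the use of plain substring matching are all constructed assumptions.

```python
from datetime import date
from urllib.parse import urlsplit

# All data below is constructed for illustration, not taken from a real product.
BAD_KEYWORDS = {"sex", "casino"}
CATEGORY_DB = {                      # host -> category assigned by a human reviewer
    "adult-pics.example": "adult",
    "lucky-spins.example": "gambling",
}
BLOCKED_CATEGORIES = {"adult", "gambling"}
DB_UPDATED = date(2005, 3, 9)        # date of the last subscription update
MAX_DB_AGE_DAYS = 1                  # the post recommends daily updates

def keyword_filter(page_text):
    """Keyword approach: block when any listed word occurs anywhere in the text."""
    text = page_text.lower()
    return any(word in text for word in BAD_KEYWORDS)

def host_category(url):
    """Match the requested host, then each parent domain, against the database."""
    labels = (urlsplit(url).hostname or "").lower().split(".")
    for i in range(len(labels) - 1):
        category = CATEGORY_DB.get(".".join(labels[i:]))
        if category:
            return category
    return None

def site_filter(url, today):
    """Site approach: decide on the requested site, flag an out-of-date database."""
    category = host_category(url)
    blocked = category in BLOCKED_CATEGORIES
    return {
        "allowed": not blocked,
        "category": category,
        "stale_db": (today - DB_UPDATED).days > MAX_DB_AGE_DAYS,
        "message": ("Access to this site is contrary to company policy. "
                    "Contact the IT help desk if you need it for work.") if blocked else "",
    }

if __name__ == "__main__":
    today = date(2005, 3, 10)
    # Keyword filter: blocks a harmless page, misses an image-only one.
    print(keyword_filter("Middlesex County Council: waste collection days"))
    print(keyword_filter("Gallery 12"))
    print(site_filter("http://www.adult-pics.example/gallery12", today))
    print(site_filter("http://www.middlesex.example/waste", today))
    print(site_filter("http://lucky-spins.example/", date(2005, 3, 14))["stale_db"])
```

The keyword filter blocks the council page because "sex" occurs inside "Middlesex" and passes the image-only gallery page, while the site lookup gets both right and reports when its database is more than a day old.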
March 14, 2005 at 3:31 pm #3335731