Web filtering does to your organization what a mosquito net does to your skin – it keeps the bugs away whilst allowing air to pass through. The trick to effective web filtering is to carefully tune the list of websites on the whitelist, and those on the blacklist. A good web filter can do this balancing act automatically and constantly by feeding off information kept on global servers that are monitoring the Internet in real-time, looking for new emerging threats. Most web filters will also allow companies to customize what is on the whitelist and blacklist and will be able to filter out websites based on lists of keywords.

Web filtering will give both the business and its employees several benefits. Employees are prone to click on innocuous-looking malicious websites. These websites inject malicious code into the user’s browser which, in turn, can infect the user’s entire computer – transforming it into anything from a mad spam spewing machine to an infected zombie PC listening for commands from a hacker on the other side of the world. This type of attack is often called a “drive-by download” and affects all browsers on all operating systems, so nobody is safe. Web filtering increases the web security for your organization by blocking any site that delivers malware in this way.

Web filtering is then complemented by web monitoring in two ways. First of all, it keeps track of the websites that actually do make it through the filters. These websites are generally legitimate; however they might still violate the company policy and must therefore be tracked. Secondly, web monitoring involves the analysis of the Internet usage patterns of your users. This will help you identify cyber-slackers, or people who are exchanging too much information with external websites.

By eliminating cyber-slacking, companies benefit from an increase in productivity. These days it is very common that unsupervised employees spend many hours engaged on social networking or gaming sites during work hours. By monitoring Internet usage instead of blocking it, employees can do their jobs without unnecessary restrictions that can be counterproductive. Monitoring allows more freedom and flexibility for an organization and does not need to be intrusive. Good web monitoring software can generate powerful reports allowing you to see a graph of your entire company. In this way you can identify the biggest time-wasters and adjust your web filters to block them.

Web filtering and web monitoring are clearly very important to enforce web security in your company, giving benefit both to the business and to employees.

1. Bandwidth Hogging

Recently I was at a client who was having issues with his Internet bandwidth. Every morning access to the Internet would slow down to a crawl but then improve in the afternoon. After a short period of network monitoring I discovered that his part-time secretary would turn on an Internet radio station during her morning shift and saturate the already limited bandwidth that was available. This scenario is very common in businesses and is aggravated when numerous employees decide to use streaming content. Content such as YouTube videos and online radio are bandwidth-hungry and can easily eat up bandwidth. This can have an effect on the entire company because critical systems could be impacted while other employees who need Internet access may not be able to do so effectively.

When implementing network Internet control, be sure to select a solution that is capable of distinguishing between streaming content and other traffic. This will allow you to selectively block traffic based on its bandwidth requirements.

2. Cyber-Slacking

The Internet is a great tool but it is also a temptation and employees will always find an excuse to waste time online instead of doing their job. Social networks, news portals and entertainment web sites, can waste many hours of your employees’ time; furthermore Instant Messaging (IM) can continuously disrupt their workflow throughout the day.

To counter this, you should have strict network Internet control policies – however this may come at a price. Tight Internet controls can hinder productivity for some employees who need unrestricted access for particular jobs. To strike a balance, some Internet control software packages should offer a feature called “Soft Blocking” that will allow you to over-ride block policies for certain trusted users or groups.

To counter the threat of IM clients, make sure you select a solution that is IM client aware. This will enable it to distinguish between normal Internet traffic and IM client conversations, and selectively block this type of communication.

3. Malicious Content

In a perfect world you might be able to trust all your employees and allow them to surf the net without restrictions. In a perfect world employees will be careful not to hog bandwidth, nor waste time nor chat with friends instead of working. In a perfect world, network Internet control would still be a requirement. While you could trust your employees, you can never trust the websites they visit.

The web is a dangerous place for the unwary. Malware is rife and comes in many forms: viruses, Trojans, worms, spyware, key loggers and other malicious content. A recent study found that over 60,000 new malware strains are released into the wild every single day, making your employees more vulnerable than they have ever been before when browsing the Internet.

Good network Internet control software will automatically blacklist any website that is found serving malicious content. It does this by tracking new threats in real-time and keeping your blacklist updated so that you do not need to intervene manually.

Companies are building vast databases of information which need to be protected against hackers, viruses, natural disasters and other threats.

In this post I talk about the biggest threat of them all: your trusted employees.

Your employees have many reasons to steal your data. They might be planning to move to a competitor or begin their own venture in your market, or they could be bribed by a third party who has interest in your company’s secrets.

Knowing the methods and tricks they use to steal data can help you stop a major information leak before it happens. Below I describe the five most common leak vectors that any company should protect against.

Leak Vector 1 – The Internet

The Internet is the biggest hole in your defenses against information leaks. Employees who have access to the Internet can transmit data files to computers outside of your private network. There are a lot of applications that facilitate the transfer of data files over the Internet. These applications should be blocked, restricted or monitored.

Email: Users can send files as attachments to any public mailbox.

Websites: Many websites allow file uploads through the HTTP POST method.

Peer to peer: P2P protocols were designed for fast file transfer amongst vast amounts of users. In fact, these technologies are still the preferred choice for the illegal sharing of songs, movies and digital books.

File Transfer Protocol: As its name implies, FTP facilitates the transfer of files and is supported by many major browsers such as Internet Explorer.

Instant Messaging: IM protocols such as MSN Messenger, Skype and Google Talk allow for the transfer of files to online chat buddies anywhere in the world.

Leak Vector 2 – The SneakerNet

The Pentagon had countless virus outbreaks on their internal computers caused by unsafe Internet browsing. To ward off the problem they disconnected their LAN from the Internet. A few weeks later they suffered a large virus outbreak. An investigation found that an infected USB drive introduced the virus. The USB virus was transferred over the SneakerNet, a network created by human beings walking around in sneakers.

In order for this network to function, a storage medium needs to be available. CDs and DVDs are popular because they are cheap, easily available and inconspicuous. USB drives and SD cards are very dangerous because they are very fast and can store large amounts of data. They are also very small and easy to conceal. Mobile phones also pose a threat. They can record conversations, take video and relay information over the Internet using the cellular network. Laptops are also dangerous and are often taken in and out of the premises freely.

Leak Vector 3 – Physical Theft

The digital world is not the only one where you must watch your back. Theft is rampant in the real, physical world. Employees can print or photocopy documents and take them off-site. Physical files can also be taken out of cabinets, and the more technically inclined can pull out hard disks from computers, steal backup tapes or even entire computers!

Leak Vector 4 – Radio Frequency Networks

RF networks drive all wireless communication including WiFi, Bluetooth and cellular networks. These days RF devices are very common in smartphones, which can communicate over several RF technologies at the same time. Modern WiFi network devices are increasing their range drastically and the 3G network allows data transfer from almost anywhere.

Leak Vector 5 – Their own minds

Last, but not least is the knowledge your employees have acquired whilst working with your company. If an employee was involved in the design of a new product, he has inadvertently gained knowledge that he can replicate elsewhere. Whilst there is no true defense against this type of threat, it pays to treat key employees well to reduce the chances of them becoming disgruntled and taking off with your company secrets!

In this post I offer five tips that you can use to avoid all of the common pitfalls that every technical manager, CTO or CIO has to deal with.

1. Understand Compliance

You need to understand the compliance laws that affect your country or state. The two major laws are the Sarbanes-Oxley Act (SOX) and the Health Insurance Portability and Accountability Act (HIPAA). Email regulations also exist in the Gramm-Leach-Bliley Act (GLB), Securities and Exchange Commission laws (SEC 17a) and the National Association of Securities Dealers (NASD 3010).

You should find out which laws apply to your industry. The medical and financial sectors tend to have more laws and compliance is very rigorous. In the e-commerce markets, laws tend to change very quickly and country boundaries are blurred, adding to the challenges.

Breaking the regulations can involve imprisonment in some cases, or very large fines in others, giving companies no choice than to strictly adhere to whatever compliancy laws are put into place.

The major requirements of all compliancy are email retention (email stored for a period of time), and email extraction (email can be pulled from the archive upon request).

2. Have a good Company Policy

A company policy sets down the rules that govern the organization. A good company ensures that its employees are trained in the areas that affect them. This improves their performance and helps them understand their responsibilities.

Policy sections that deal with emails and messaging should include information on which parts other relevant laws are being applied in the organization. Users should know which devices and are allowed and which ones are forbidden, and they should be told what kind of personal information is being retained.

3. Personal email accounts

It is very common these days for employees to have at least two accounts; their corporate account, and their personal account. These accounts could pose a threat to your organization. It is vital that all communication that is related to the organization is only expressed over the company’s approved email accounts because these are the ones covered by the policy.

There is an increasing trend for employees to use their corporate email accounts from their personal mobile devices. In this case you need to ensure compliance of how the device is configured and used.

4. Tools and Services for Compliancy

There is a lot of software as well as services out there that should be used to satisfy the technical requirements for compliance. When selecting email technologies and tools it is important to see which laws and regulations they cover, and whether they cover them adequately. Good email archiving software should conform too many of the email compliance standards, but in some particular situations not all packages will suit your needs, so make sure you read the software specifications before you buy.

Regulation compliance is also being offered as a service where your email traffic is archived in the cloud. When choosing these services, be diligent to where your data is hosted and the amount of control you have over it.

5. Continuous Compliance

Email compliance is a moving target. It is not enough to set it up once and forget about it. You need to continuously monitor and upgrade your email systems. Each time there is a change, compliance can be affected. New employees also need to be trained on company policies, and when policies change, existing staff need to know about the changes. Remain up to date on the latest trends in technology and keep an eye out for new trends that can affect your state of compliance.

A modern and effective web content filtering solution scans more than the domain name. It is able to break down and analyze web traffic making it capable to accurately pinpoint portions of a web page which should not be allowed into the internal network.

An effective web content filtering solution is essential for an SME because granting your employees unfettered access to the Internet opens your company to a multitude of problems.

The main ones that I wish to point out are the following:

●        Security: Grave risk to the companies’ security.

●        Legal Trouble: Liability of inappropriate content.

●        Productivity: Loss of employee productivity due to Internet abuse.

Security

With the advent of Web 2.0 technologies, websites are now mash-ups of content that is aggregated from many other sites. This scenario adds complexity to filtering websites based on domain names alone and also opens up new avenues of attack for hackers and virus writers who are becoming increasingly successful at compromising syndicated feeds. If just one feed of data is compromised, all the websites that pull in that feed will deliver malicious code to their trusted users.

An effective content filtering solution will judge incoming web data based on its content and not its source alone. Malicious content that is smuggled into trusted sites will still be detected and filtered out, thus protecting the internal network.

Inappropriate Content

Companies can be liable for the data that is transferred into their internal networks and servers. In an ideal world, you should be able to trust all your employees that they will only use the Internet for the jobs they do. The reality is unfortunately very different, and one single rogue user’s actions can create serious legal problems if his or her actions are not monitored. Pornography at work and downloading of copyrighted materials are a real and dangerous threat to an SME.

If a good web content filtering solution is in place, an SME is protected against this type of threat. Pornography and copyrighted material is blocked using standard filters. A web content filtering solution from a trusted vendor will also protect you legally because it shows your commitment to stopping this type of crime in your workplace.

Employee Productivity

A security breach due to lack of web content filtering will undoubtedly affect your employee productivity; however, an ineffective or badly configured web content filter can also have a negative effect on productivity if it blocks legitimate content that is needed by your employees to do their job.

A good web content filter acts very much like a sieve. Legitimate data should fall through the filter whilst bad data should be stopped. This means that a requested web page with some forbidden content will still load, but with some bits missing. This will allow the user to get the parts of the web page that are needed whilst remaining protected.

To recap, web content filtering will directly affect three important issues that all SMEs face:

●        System Security

●        Illegal Content

●        Employee Productivity

Having an effective web content filtering strategy that aligns itself with your internet monitoring software will ensure that you are protected from a security and legal standpoint and will improve the productivity of your work force.

Productivity

With social media sites like Facebook and Twitter which can be a great marketing tool for companies, the Internet can be seen as a blessing for businesses. Yet these sites can also be a huge time-drain for employees as they constantly feed users with new distractions that can easily get people hooked. Organizations are often tempted to simply block certain domains from being accessed, however this might not be necessary if a good Internet usage monitoring policy is in place.

Recently a client of mine was unhappy with sales performance from satellite offices so we blocked all social media sites because employees were spending too many hours on Facebook instead of preparing quotations for customers. Surprisingly after blocking these sites, productivity decreased further and sales never picked up. It became apparent that morale of employees dropped when they were denied social interaction. In light of this we implemented an Internet usage monitoring policy and told employees they were allowed up to one hour a day on Facebook during certain hours. This strategy worked; employees were more productive and motivated and their managers were able to reprimand those who did not stick to the rules.

Security

When dealing with security we need to consider two things – preventing a security incident from happening, and being able to investigate an incident if it does happen.

When monitoring Internet usage, detecting a security breach early becomes much easier. Viruses and other intrusions generate irregular patterns of Internet activity that can be detected by Internet usage monitoring. This allows you to stop an incident early, contain the damage and reduce the impact of the breach. Another threat comes from so-called “drive-by-downloads” which are malicious scripts that infect a user’s computer with a virus when an infected website is visited. If these websites are properly monitored the likelihood of this happening is reduced.

Despite all the security you implement, security breaches will still happen. Trusted employees might access prohibited sites or download malicious code, sometimes intentionally and sometimes accidentally. Having an Internet monitoring system in place will allow you to investigate these breaches, find the root cause and determine who was responsible. Without monitoring Internet usage this would be a daunting task.

Having an Internet usage monitoring policy in place is a great deterrent. Employees who know that you are monitoring Internet usage are much less likely to abuse of the Internet freedoms they are granted. When you chose to implement Internet usage monitoring, make sure that you make your employees aware of the system and educate them on how to use the Internet responsibly. This will decrease loss of productivity and keep your internal network secure.