Content Filtering

Internet-content filtering, which was devised to prevent children from being exposed to offensive Web sites, is now gaining a foothold in the corporate market. But companies aren't being driven by a sense of morality as much as by business concerns. If employees are free to download and distribute offensive material at work, their employer could end up being sued for having vicarious liability in sexual or racial harassment cases.

Those considerations have led to such cases as the sacking last autumn of 32 workers in the U.K. by Orange PLC -- the mobile-phone network subsidiary of France Telecom SA -- for distributing pornographic material downloaded from the Internet.

Such concerns also mean that the filtering market will grow by close to 50% per year, reaching (707.8 million euros) world-wide by 2004, according to forecasts by research group International Data Corp. forecasts. It isn't surprising, then, that new players are jumping into the market.

Content filtering works in two basic ways: The Web-site address -- or URL -- is checked against a "control list" as the employee requests an Internet page; or the software "sniffs" the contents of the file as it is being downloaded to the desktop computer. Depending on the sophistication of the software, an employee could be blocked from accessing a page; discouraged by a warning; or the page that is visited could be registered in log, either to track abuse or simply to record Internet usage.

Filters now can monitor more than just pornography and racism. Employers can check whether unsatisfactory employee productivity is the result for employees using their work PCs to book a holiday, shop, gamble, trade stock online, or even look for a new job.

In addition, corporate computer-network security can protected by monitoring whether employees use Web-based e-mail, chat-rooms or instant messaging, which can bypass company firewalls and risk exposure to malicious attacks from outside. Employees intentionally passing on sensitive company information can be identified.

Finally, inefficient use of the expensive corporate network and Internet connections can be curbed because Net surfing places an extra demand on precious bandwidth.

Corporate customers can buy both blocking and administration software. Customers can also pay a subscription fee to receive an updated control list of URLs. Most filtered sites fall into the "sinful six" category of pornography, hate/racism, sport, gambling, religion, weapons, but other categories could include entertainment, news, shopping and messaging sites. The company's administrator then uses the management software to decide which groups of users can see what and when.

The problem here, is the ability of the control-list technicians back at the software vendor to keep track of the thousands of sites that come online each day, or move address to avoid being blocked.

Some product have control list that are fully automated. "Crawlers" search sites for certain words and groups of words. The software can also track graphics in the content, such as pornographic pictures or racist symbols, whatever the language of the site.

But this automated technique could result in what is called "overblocking." For instance a retailer could find parts of its own site blocked because the underwear page shows too much skin or the login page asks for the "sex" of the shopper. The same criticism is leveled at the "sniffer" packages.

Increasingly, this software comes as part of an integrated security package containing antivirus and intrusion detection at the corporate Internet gateway -- or "firewall" -- or on the desktop. Your company chooses what the key words should be and selects particular URLs to be blocked. The advantage of such packages is that the customer neither needs to buy into a separate control-list subscription service nor purchase a server specifically to run the huge database of URLs locally.

Analysts forecast that corporate demand for Internet filtering will grow at 2.5 times the rate of the rest of the market, with stronger demand from the European and Asian markets.

With time, analysts expect companies' evolving Internet-management policies to move beyond merely restrictive practices. They say that the data gleaned from monitoring employee Internet access could be used to refine employee-training programs or improve corporate efficiency.

For IT staff, trying to keep things standard is a frustrating, and draining proposition, particularly as users become more Internet-savvy and start playing with instant messaging, downloading audio files or tuning in to Internet radio.

Struggle

Summary

Struggle:

Users vs. IT

Opponents:

Users exercising their download skills and IT staffers flexing their administrator muscles.

Outlook for resolution:

If users communicate their needs to IT rather than taking matters into their own hands, IT departments can become more proactive about finding the right tools to increase users' productivity. There will always be stubborn parties on both sides.

User impact:

Give a little, get a little. Cut back on the recreational activities and business tools may improve.

 

As more employees take to the Web on company time, the need for monitoring Internet access in the workplace becomes a business concern. When the consulting firm Dataquest, a unit of Gartner Group, asked 200 business executives recently whether Internet use should be monitored at their companies, a resounding 82% said yes.

Considering that during an average week most employees spend up to three hours of work time using the Web for personal reasons, the call for regulation is arguably justified. But it certainly won't win any popularity contests.

Despite the need for management, most companies haven't formalized their policies about work-related Internet use. A majority of companies ask their employees for little more than compliance to a formal usage policy. However, for a growing  number of businesses this just isn't enough. There's increasing sentiment among executives that a more hands-on approach to Web management is needed.

Although surveillance within the workplace can be a sticky topic, businesses are turning to such activity in order to understand Web use during work hours more effectively. According to survey participants, 34% of companies have already  deployed such a program. And more businesses are expected to follow suit. Dataquest expects Web surveillance in the workplace to jump from 34% in 1999 to 66% by 2001.

Will employees consider such monitoring a violation of privacy? To keep the backlash to a minimum, companies will have to communicate clearly why such monitoring is taking place.

For most employees, Internet monitoring by their employers won't cause too much concern. Few workers act inappropriately  when surfing the Web. Only 5% of employees choose to put their careers in jeopardy by visiting dubious Web sites while at work. Still, most managers probably realize that there ought to be limits to such surveillance. The end doesn't always justify the means.

Whitehelm Network Security Ltd. has established strategic relationships with world-wide leaders in content security and management market. Our solutions provide enforcement of email security policies, consolidation of security  countermeasures, virus detection and prevention of malicious attacks. We strongly believe that the new model of e-business  requires an open-door policy that allows Internet technologies to flow in and out of organisations. Whether the priorities for an individual enterprise lie in protecting information, maximising its operational effectiveness, minimising its corporate liability or guarding against damage to its market image and presence, Whitehelm delivers comprehensive business content security solutions.

Please call 0870 421 4023 to find out about our content security solutions, or e-mail content.team@Whitehelm.com requesting more information.

 

Internet Access Management
WhiteHelm End to End Network Security

Copyright ©2004-2010 Whitehelm Network Security Ltd
Copyrights, Trademarks & Disclaimers Terms & Conditions