1 / 33

Internet Filtering for a Harassment-Free Workplace

Internet Filtering for a Harassment-Free Workplace. John Kinas - MCSE,CCNA District of Columbia Bar for 2003 NABE Tech Show Seattle, WA. Internet Use Policy. Achieving an harassment-free workplace is an important reason for organizations to adopt an Internet Use Policy.

yukio
Télécharger la présentation

Internet Filtering for a Harassment-Free Workplace

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Internet Filtering for a Harassment-Free Workplace John Kinas - MCSE,CCNA District of Columbia Bar for 2003 NABE Tech Show Seattle, WA

  2. Internet Use Policy Achieving an harassment-free workplace is an important reason for organizations to adopt an Internet Use Policy. Other important reasons include: • Reducing non-business use of expensive internet connections • Security • Network reliability • Legal liability arising from employee behavior

  3. Internet Use Policy Adoption of Internet Use Policy must precede selection and deployment of internet filtering solutions. • Software and hardware solutions vary widely in cost and capabilities • Software and hardware must meet policy requirements

  4. Implementation Tools for Internet Use Policy • Web filtering tools • IM filtering tools • Email monitoring/content screening tools

  5. Implementation Tools for Internet Use Policy • Technically skilled employees may be able to disable or circumvent internet filtering software • 100 percent accuracy is not realistic • Technological advances may make current solutions obsolete

  6. Web Filtering Tools • What does web filtering software do? • Allows administrators to block and/or audit employee access to specific categories of content addressed in internet use policy • Categories provided by manufacturers may include • Pornography • Gambling • Hate group sites • Auction sites • eCommerce sites

  7. Web Filtering Tools • Logs and generates reports on employee browsing activities • Provides some method for manually blocking and unblocking sites as needed • Methods used by manufacturers vary • Most software manufacturers attempt to screen all web content, compiling blacklists sites for each content category • Some attempt to filter content as it is requested by users. • Many manufacturers include Whitelist features, allowing administrators to specify sites always permitted

  8. Web Filtering Tools • Free browser-based filtering tools: • Internet Explorer • Netscape • Some assembly required server-based tools: • Web Proxy Servers • Rapidly changing web content makes manually configured web filtering ineffective time consuming and ineffective

  9. Web Filtering Tools • Desktop-based systems • Typically used in home, home office, and small office environments where IT support is minimal or non-existent • Pros: • Low initial cost • Relatively easy to install • Cons: • Software must be installed on each computer • Difficult to maintain consistent policies in large or growing organizations • Technically sophisticated employees may disable or defeat many desktop-based web filters using instructions published on internet

  10. Web Filtering Tools • ISP-based systems • AOL, MSN, and other large Internet Service Providers provide some filtering features. • Target market for these products are home users and home offices • AOL filtering features require use of AOL’s proprietary browser • Corporations typically do not use of ISP-based filtering tools

  11. Web Filtering Tools • Server-based systems • Typically used in medium to large organizations • Pros: • Easier to maintain consistent policies in large/growing organizations • Little or no software installation on desktop systems • Some manufacturers permit logging by both computer and by user, tightening employee accountability for web browsing behavior • Cons: • Relatively high initial cost for software • Dedicated server or appliance may be needed • Steep learning curve for administrators • Technically sophisticated employees may defeat features by using “Anonymizer” websites

  12. Web Filtering Tools • Appliance systems • Low- maintenance specialty computers designed solely to filter web traffic • St. Bernard Iprizm • 8e6 R2000

  13. Web Filtering Tools • Appliance systems • High initial costs compared with software only products, but… • …reduced setup and maintenance • Some firewall appliances include content filtering features (Sonic appliance)

  14. Web Filtering Tools • Don’t expect too much • September 2001 PC Magazine survey: the best products consistently block 85% or more of objectionable content • The more aggressively you attempt to block objectionable content, the higher your incidence of false matches

  15. Web Filtering Tools • Questions to ask software vendors/suppliers: • What method does this product use to ensure that our Internet Use Policy is applied in a rapidly changing internet environment? • Will this product be flexible enough to allow different levels of web access for different groups of employees? • Will this product accomplish its mission without placing excessive demands on IT and HR professionals? • Are the web logging/reporting features for this software consistent with our internet use policy?

  16. Web Filtering Tools: Ratings Source: PC Magazine - March, 2001

  17. Web Filtering Tools: Costs • Costs of deploying software to enforce Internet Use Policy for a 20 user network • Desktop software: Cybersitter - $399.00 • Server software: Elron Software IM Web Inspector $806.95 • Appliance: iPrism - $2,195 (appliance) + annual blacklist subscription Source: 1/2003 manufacturers web sites

  18. Internet Explorer Web Blocking From IE Main Menu, Select Tools Select Internet Options Select Content Tab

  19. Internet Explorer Web Blocking • Select Settings button • Select Enable button • Create supervisor password

  20. Internet Explorer Web Blocking • Set ratings for each category shown • Select OK to save settings

  21. Internet Explorer Web Blocking • Select Approved Sites tab • Enter the urls for each site you want employee to see, regardless of ratings

  22. Internet Explorer Web Blocking • If you want only rated sites (and those specifically authorized by a supervisor), check “Users can see sites…” box • If you want to permit supervisors to override ratings, check “Supervisors can type…” box

  23. Internet Explorer Web Blocking • Many popular sites are not rated • If users are not allowed to see unrated sites, a supervisor must manually authorize it. • Weak security on Windows 98/ME computers • Anyone with the supervisor password can disable web blocking • Installation of another browser (Netscape, Monzilla) will circumvent restrictions.

  24. Email and IM Blocking Tools Employer interest in Email and IM Blocking software may be prompted by • employee productivity concerns • virus control • security (particularly in financial, law enforcement, and governmental sectors) • network reliability considerations Harassment-free workplace objectives are likely to be secondary to these objectives

  25. IM Filtering Tools • IM services can be considered rogue technologies: designed to resist blocking by firewalls, and web proxies • Some IM technologies (AOL, Yahoo) may be blocked by network routers or firewalls, but doing so prevents any communications – including web traffic and email – to these networks

  26. IM Filtering Tools • Many organizations can’t decide whether IM should be banned or legitimized • Software designers attempt to give employers a range of options • It’s up to the organization to match features to its Internet Use Policy • AOL, MSN, Yahoo and other IM services change constantly; changes may circumvent filtering

  27. IM Filtering Tools What does IM Filtering software do? • Enforces Internet Use Policy by blocking or selectively allowing IM messages on the corporate network • Forces users to replace poorly-secured IM desktop software with more secure versions • Audits IM use • Translates IM screen names to employee names • Restricts IM communications by employees to authorized outside IM users • Automatically censors and/or alerts administrators when IM users include key words or phrases in IM messages.

  28. IM Filtering Tools • Akonix L7 • E-Vantage IM Sentry • Alternatives: • Inspect desktop computers and remove IM software • Block Yahoo, AOL, MSN servers at your router

  29. Email Content Tools • What does Email Content software do? • Company-wide disclaimer • Adds uniform corporate disclaimers to all outgoing messages • Content auditing/filtering • Audits incoming and outgoing email for unauthorized content • Automatically quarantines blocked messages for review by administrator • Many products in both categories bundle with anti-spam, anti-virus, and attachment control features

  30. Email Content Tools • Company-wide disclaimer • GFI Mail Essentials • Red Earth Software Policy Patrol Disclaimers • SS&G Technology SMTP Disclaimer • Netal DisclaimIt • Content auditing/filtering • GFI Mail Security • Intellireach Content Inspector / Content Auditor • SurfControl Email Filter • NMEX Power Tools for Exchange • CMS Praetor • Trend Micro Scan Mail for Exchange 2000

  31. Email Content Tools • Changes in email content rules can have unintended consequences • Including “sex” on your content-checking list will, in most blocking software, block “Middlesex, MA”, “famous explorer”, “Jane’s ex-husband” • Test content blocking rules with sample messages • Log content rule changes • Monitor quarantined mail carefully after changing rules.

  32. Summary • Management must adopt an Internet Use Policy before buying or deploying software to monitor or filter internet traffic • Match software purchases to specific needs of Internet Use Policy • Educate users about Internet Use Policy and what they need to do to comply • Don’t expect 100% accuracy from automated tools • Check desktop systems periodically to verify that blocking software hasn’t been disabled or uninstalled.

  33. Resources: • Email Content Tools • www.slipstick.com • www.mail-resources.com • www.amrein.com/eworld.htm • Web Filtering Tools • www.peacefire.org/info/blocking-software-faq.html • www.cexx.org/censware.htm • IM Filtering Tools • www.akonix.com • www.evgl.com/imsentry.html

More Related