If your business offers unfiltered access to the Internet, chances are there are minutes or hours in the day where non-work activity takes place. Some employers have a work environment where this unchecked and unfiltered state is actually part of a morale of trust and confidence that the staff will get the work done even efficiently and keep a high level of productivity.
Two weeks ago we offered a free trial of a Unified Threat Management appliance to this client of ours at an insurance brokerage of about 15 staff. They had operated without any filters for many years and wanted to at least know what was happening. So we followed these simple steps to allow for a smooth transition and to keep everyone aware of upcoming changes.
Step 1 – Have an Acceptable Use Policy written and signed off
An Acceptable Use Policy – AUP – serves the purpose of making sure all staff know what is acceptable at the workplace, and what isn’t.
Step 2 – Implement a Unified Threat Management Appliance in Monitoring mode
An appliance can be installed at your office premises without disrupting any exiting access, and simply give the employers insight into how the Internet is being used throughout the premises.
Step 3 – Apply appropriate filters
Special case considerations
- Social Media use is often restricted as it is seen as personal and has no role during working hours. However, most businesses now have a legitimate reason and role to play on twitter and facebook to maintain their own business presence.
- Time of Day access. The complete filtering of all social media access may have a negative effect on morale, and some companies choose time-of-day rules to allow social media access during lunch hour, for example.
- Logs may be misleading. If it’s your first time implementing a UTM, you will likely notice log entries of websites being visited, and when confronting said employee/computer, you will encounter denial. This can be legitimate because millions of workplace computers are infected with malware that cause the computers to operate silently under the control of botnets. Protection from web-based viruses, malware and spyware is another strong reason to implement and keep a UTM at every office.
It’s also worth pointing out that 3G connectivity through mobile phones is ubiquitous in many areas of the world. So blocking facebook on the work computer may simply cause the employee to use their own mobile phone instead. This is why an acceptable use policy is important to have in place. Consistent use of a mobile phone also leaves an optic that is not hard to detect by fellow employees and supervisors.
Do you have any specific need you don’t see covered here? Chances are it can also be achieved with a UTM.