Most SMEs Investing in Web Monitoring and Filtering in Support of Policies

Related Articles

• Two New Email Security Features to Combat Rising Tide of Targeted Attacks: Cisco IronPort Outbreak Filters and Business Class Email
• Are We Ready for a Cyber Wallet?
• Email Policy: Self-Governance or Central Enforcement?

Subscription Options

Subscribe Newswire

Widgets & RSS Feeds

In the last installment of the Messaging News Small Business Dispatch, I noted that many online scams rely on brand names to add legitimacy to the nefarious requests for credit card numbers, bank details, passwords and to plant malware. The need to monitor site traffic as a Web security tactic grows as this kind of activity continues. Organizations of all sizes are using Web monitoring and Web filtering solutions, including 69.9 percent of small and medium-sized enterprises (SMEs), according to a new survey by GFI Software. GFI reports that SMEs use the technology “to block offensive sites, stop malware infections from downloaded files and to prevent malware attacks from drive-by downloads.” The GFI survey respondents were either IT management or IT staff working in network management and administration. Only 8.9 percent had over 500 employees.

Employees, Social Networking, and Cyberslacking

“Cyberslacking.” Sounds fun doesn’t it? No doubt it is, but not necessarily desirable when you are paying employees for a work product. But blocking social media is not really possible anymore, especially as businesses continue to seek ways to use the medium as part of a business strategy. In fact, GFI notes that the most valuable brands in the world are experiencing a direct correlation between top financial performance and deep social media engagement. If it needs to be open for business, how do you close it off for personal employee use? The simple answer is, most companies don’t. In GFI’s survey of SMEs, respondents were asked if employees were allowed to surf the Internet for personal reasons during breaks. Eighty-five percent said yes, however, all used Web filtering to restrict what employees can view and access.

This restriction is well founded, not only to prevent cyberslackers from whiling away the hours, but also to keep threats at bay. In its Q3 2010 Internet Threat Trend Report, out this week, Commtouch Labs shows that hyperlinked malware and HTML attachments saw a “significant increase” as attachments either “displayed phishing pages or redirected users to sites hosting malware or spam.” Unsuspecting users can easily be fooled by these very sophisticated ploys.

Acceptable Use Policy Guidelines

GFI notes that: “While organizations are happy to allow employees to access the Internet for personal reasons, they are not giving them access to sites that are known to contribute most to loss in productivity / cyberslacking and those sites that are bandwidth-hungry. It also may be the case that organizations are only allowing access at certain times of the day, for example, during employees’ lunch break or after hours. Blogs and news sites are the categories of Websites blocked the least by respondents to the survey.”

Commtouch Labs reports that during the third quarter of 2010, the Web sites most likely to be compromised with malware continue to be pornographic sites—parked domains, business, computers & technology, and education round out the top five. For phishing threats, the top five are games, sex education, shopping, travel and computers & technology.

The use of Web monitoring is gaining acceptance among employees. Of those in the GFI survey, 92.5 percent inform their employees that online activity inside the organization may be monitored. Along with notifying employees of the policy, management should also work to educate employees on the “why” and learn about the potential risks they may bring into their company.