Castleforce IT Security Team

Internet Security

The internet has become a business requirement, and organisations should have an internet policy in place to control the way it is used by their employees. Internet filtering can be seen as an employee productivity tool, as it helps to control access whilst company resources are being used. The internet needs to be controlled for good reason: it is the main way new viruses are introduced to networks, and therefore all traffic should be scanned for viruses, spyware and other malicious software.

Monitoring internet and email usage

Monitoring your staff's usage of the internet or email should be handled carefully. Although it may be easily justified, you need to consider issues of personal privacy and confidentiality.

The law allows you to monitor usage of the internet and email by your staff only after notifying employees that you intend to do so. You should make employees aware of the type and scale of monitoring. Explain why there needs to be some form of monitoring, for example to:

  • check and cater for resource utilisation
  • protect the individual from exposure to offensive material
  • maintain the integrity of the business

There are exceptions to this requirement - such as when monitoring is used for:

  • prevention or detection of crime
  • apprehension or prosecution of offenders
  • collection or assessment of any tax or duty

Laws including the Human Rights Act 1998, the Regulation of Investigatory Powers Act 2000 and the Data Protection Act 1998 affect workplace monitoring.

Employee monitoring is a sensitive area. There are often less intrusive ways of making sure that email and internet use doesn't damage your business.

You can use anti-virus software or filters that automatically block emails with high-risk attachments. You can also use software which automatically prevents people accessing inappropriate websites from your network.

Be particularly careful when monitoring communications that are clearly personal. Avoid opening these emails or confine monitoring to the address or heading. And if you need to access an employee's email account while they're away, always let them know in advance.

Remember to use your policies or employment contracts to inform employees about the extent of monitoring, or you will need to gain specific consent from them.

Web filtering functionality

Web filtering products offer different amounts of functionality. This functionality is centred on monitoring and enforcing your company internet policy, but the products can also add elements of security through filtering and scanning.
 
Authentication – How do they integrate with your own directory service? Once a user logs on to the network, do they require any further levels of authentication in order to access the internet, or is this done seamlessly, with transparent authentication (NTLM authentication)?
 
Content filtering - Being able to allow categories of acceptable web content is important, so how many categories already exist, and how easy is it to add to white and black lists?

Web Filtering Restriction - Once categories are set and policies defined, what levels of filtering can be adopted? Vendors' products have different amounts of functionality regarding the categories listed.

Monitor - Being able to silently monitor internet usage without end user knowledge, to assess the way the internet is used in the office.

Block - To restrict access to websites that fall outside the internet policy.

Quota - To give end users the ability to use the internet for a certain period of time. You might give full access at lunch but restricted access during the day.

Web filtering products

Web filtering products come in three main types:

Managed services – All internet traffic is routed via an external proxy. This means policies can be enforced on laptops when they leave the office, and it is very easy to deploy. But this is usually an expensive option, as you have to pay a subscription license (same cost each year).

Hardware appliances – This option is usually easy to deploy and manage as everything is pre-installed, but you pay more for the first year to buy the box and then each following year you pay for support only. Every three years the hardware needs to be replaced. Evaluating hardware appliances usually depends on stock levels and incurs a shipping charge for delivery of the unit to your site.

Software (this can be a virtual appliance) – This usually needs more time to configure and will need to run on hardware that you supply, but it's usually a considerable cost saving.

Another option for web filtering could be to use a UTM firewall, as these now have good gateway monitoring functions, though it depends on whether your firewall has this ability and whether you want your firewall to do more than just restrict traffic.