Guiding Perspectives: CEO Article Series

Introduction

Thirty years ago, as the CEO of Wavecrest Computing, I witnessed the internet’s emergence as a transformative force, reshaping business operations with a magnitude that arguably surpasses Henry Ford’s assembly line. The introduction of early browsers like Mosaic and Netscape made the internet accessible to all, enabling instant communication, global collaboration, and unprecedented productivity. Today, we stand at the threshold of another revolution: the rise of artificial intelligence (AI) tools. Both the internet and AI are powerful instruments, but their potential is only realized through careful management. At Wavecrest, our products, Cyfin and CyBlock, have helped businesses navigate the internet’s challenges for decades. As AI reshapes the workplace, the lessons we’ve learned underscore the need for oversight, informed decision-making, and tailored strategies to maximize productivity, security, and compliance.

The Internet’s Transformative Impact

The internet’s arrival in the 1990s was a paradigm shift. Much like Ford’s assembly line standardized manufacturing, browsers democratized information, empowering businesses to operate globally and innovate rapidly. However, this power came with challenges. When internet access reached every employee’s desktop, businesses gained a revolutionary tool but often lacked the means to manage it effectively. Wavecrest was among the first to recognize this, developing Cyfin to provide actionable insights into employee web usage, addressing not just security but also productivity and legal concerns.

Ford’s assembly line succeeded because he trained workers, monitored performance, and iterated improvements. In contrast, many businesses deployed the internet without similar rigor. Acceptable use policies, often driven by legal departments, focused on liability but rarely harnessed the internet’s full potential. This gap—between the tool’s power and its management—persists, leaving companies vulnerable to risks and missed opportunities.

Challenges of Internet Access

The internet introduced three key challenges, each requiring careful oversight:

Security Risks: Research shows that 88% of data breaches stem from human error, such as clicking phishing links or mishandling data (Stanford Research: 88% Of Data Breaches Are Caused By Human Error). Employees, not external hackers, are often the weakest link, necessitating robust training and monitoring.

Legal Liabilities: Internet misuse can lead to lawsuits over harassment, copyright infringement, or data privacy violations. For example, inappropriate email use or unauthorized downloads expose companies to significant risks (Employment Liability Laws for Internet Usage). Legal-driven policies address these but often overlook productivity.

Productivity Losses: Studies estimate that 30-40% of workplace internet activity is non-work-related, costing U.S. businesses $63 billion annually (Employee Internet Management: Now an HR Issue). Social media, shopping, and entertainment distract employees, undermining efficiency.

These challenges highlight a critical truth: being informed is essential for effective decision-making. Without visibility into how employees use the internet, businesses cannot optimize its benefits or mitigate its risks.

The AI Revolution: A New Frontier

As we reflect on the internet’s impact, AI tools—large language models, automation platforms, and analytics engines—are ushering in a new era. Like the internet, AI promises to augment human capabilities, streamline tasks, and drive innovation. However, it also amplifies existing challenges and introduces new ones. Dropping AI onto employees’ desktops without oversight risks repeating the internet’s early mistakes, where enthusiasm outpaced management.

Security Risks: AI amplifies human error risks. A 2024 Gartner report notes that 40% of organizations faced AI-related security incidents due to employee misuse, such as inputting sensitive data into unsecured models (Gartner: AI Security Risks). Without monitoring, businesses cannot detect or prevent these vulnerabilities.

Legal Liabilities: AI raises complex legal issues, including data privacy violations and ethical concerns. Processing personal data with AI can violate regulations like GDPR, while AI-generated content may infringe copyrights or produce biased outputs (AI and Data Privacy Risks). Tailored policies are essential but must be grounded in real usage data.

Productivity Concerns: AI’s potential to boost efficiency is immense, but misuse can erode gains. A 2025 McKinsey study estimates that 20% of AI initiatives fail to deliver ROI due to poor integration (McKinsey: AI Productivity Challenges). Employees using AI for personal tasks or inefficient workflows—such as excessive prompt tweaking—can mirror the internet’s productivity losses.

Training Gaps: Effective AI use requires training, but generic programs miss the mark. Without data on how employees interact with AI (e.g., tools used, tasks performed), training cannot address specific needs, reducing its impact.

The Pitfalls of Generic Policies

Both the internet and AI suffer from a common issue: reliance on boilerplate policies. Internet acceptable use policies, often legal-driven, focused on liability but neglected productivity. Similarly, generic AI policies—such as blanket bans on public models or vague usage guidelines—fail to account for organizational nuances. A marketing team may need AI for creative content, while a finance team requires strict data controls. Without understanding actual usage, policies remain disconnected from reality, undermining productivity, security, and compliance.

The Role of Oversight: Lessons from Cyfin

Wavecrest’s experience with the internet offers a blueprint for managing AI. Cyfin addresses the internet’s challenges by transforming complex firewall logs into clear, actionable reports, enabling management and HR to monitor usage, identify risks, and optimize productivity. Unlike built-in firewall tools, which focus on traffic and security, Cyfin excels at reconstructing user actions, providing insights competitors cannot match. This capability is critical, as raw logs are voluminous and difficult to interpret, often leading IT and management to chase inaccurate data (The Significance and Role of Firewall Logs | Exabeam).

Extending this to AI, businesses need tools to track interactions with AI platforms—e.g., which tools are used, how often, and for what purposes. Cyfin’s adaptability positions it to deliver similar visibility, reporting on AI usage to inform policies, training, and security measures. For example, Cyfin could identify employees sharing sensitive data with AI models, spending excessive time on non-work tasks, or struggling with specific tools, enabling targeted interventions.

Best Practices for Harnessing Revolutionary Tools

To maximize the internet and AI’s potential, businesses should adopt these strategies:

• Implement Comprehensive Monitoring: Use tools like Cyfin to gain visibility into internet and AI usage, providing management with data to make informed decisions.
• Develop Tailored Policies: Base policies on actual usage patterns, ensuring they address productivity, security, and legal needs specific to your organization.
• Prioritize Training: Tailor training to usage data, addressing gaps in skills or security awareness to enhance effectiveness.
• Foster a Culture of Responsibility: Encourage employees to use these tools productively and safely, supported by clear expectations and monitoring.
• Leverage Specialized Tools: Avoid relying on generic solutions like firewall logs, which lack the granularity needed for user-focused insights.

Conclusion: A Call to Action

The internet transformed business, and AI promises to take this further. However, their power is only realized through proactive management. Ford’s assembly line succeeded because he monitored and optimized it; businesses must do the same with the internet and AI. Security risks, legal liabilities, productivity losses, and training needs demand comprehensive oversight, tailored policies, and actionable data. At Wavecrest, we’ve spent 30 years helping businesses navigate these challenges with tools like Cyfin, which deliver the insights needed to harness revolutionary tools effectively.

As we embrace AI, let us learn from the internet’s history. Being informed is critical—only with the most facts can we make the best decisions. Businesses unaware of tools like Cyfin or struggling to implement oversight risk squandering AI’s potential, just as many did with the internet. By investing in visibility and management, organizations can shape a future where these tools drive productivity, security, and innovation. Join us in harnessing the next revolution.

How Cyfin Delivers Actionable Employee Web Activity Reports from Complex, Noisy Firewall Data

Executive Summary

Organizations rely on firewalls to secure their networks, but these tools generate logs that are incredibly complex. Every device, system update, browser tab, and cloud sync creates a connection—and every connection gets logged. For IT, HR, and management teams trying to understand actual employee behavior online, these logs present a mess of indistinguishable data. Cyfin changes that.

Cyfin is a powerful log-parsing and reporting engine that reads raw, connection-based firewall logs and delivers clear, human-readable reports focused on employee-initiated web activity. It cuts through the noise—from Windows updates to endpoint security traffic—and delivers reports designed for both technical and non-technical audiences.

Why Cyfin is Different

Most tools tell you everything that happened on the network. Cyfin tells you what your employees did.

Firewall logs don’t distinguish between a user browsing a news site and their machine syncing with a cloud service. Cyfin’s core strength is its ability to recognize and separate human-initiated actions from the flood of background traffic that is increasingly using the same web protocols and ports.

This distinction is essential. Whether you’re conducting an internal investigation, responding to a compliance request, or simply monitoring productivity, Cyfin gives you the clarity you need to make decisions based on facts, not assumptions.

Key Benefits

1. Accurate Employee Web Usage Monitoring
   • What It Does: Filters out non-human activity to focus solely on employee-initiated web actions.
   • Why It’s a Game-Changer: Standard firewall reports lump everything together, distorting the picture of employee behavior. Cyfin ensures accuracy by isolating what matters.
   • For IT: Automates log analysis, reducing your workload and delivering precise data.
   • For HR & Management: Delivers a true view of employee web use—perfect for enforcing policies or boosting productivity.
2. Simplified Compliance and Security
   • What It Does: Produces detailed, auditable reports to meet regulations (e.g., GDPR, HIPAA) and spot security risks.
   • Why It’s a Game-Changer: With remote work and data privacy laws on the rise, Cyfin’s reports provide compliance-ready evidence and threat detection.
   • For IT: Seamlessly integrates with your firewall setup for efficient monitoring.
   • For HR & Legal: Offers easy-to-use reports tailored to your compliance needs, simplifying audits.
3. No Software on Employee Devices
   • What It Does: Monitors activity directly from firewall logs—no agents needed on individual devices.
   • Why It’s a Game-Changer: Cuts deployment hassle, reduces privacy concerns, and works across all devices.
   • For IT: Eliminates the need to manage software on endpoints, saving time.
   • For HR & Management: Provides monitoring without invasive tools, maintaining employee trust.
4. Multi-Vendor Firewall Compatibility
   • What It Does: Supports top firewall brands like Palo Alto, Cisco, Fortigate, and SonicWall.
   • Why It’s a Game-Changer: Unifies reporting in mixed IT environments, streamlining management.
   • For IT: Standardizes reporting across vendors, simplifying your workflow.
   • For Management: Ensures consistent, clear reports regardless of firewall setup.
5. Scalable for Any Organization
   • What It Does: Handles large data volumes effortlessly, growing with your needs.
   • Why It’s a Game-Changer: Keeps performance strong as your workforce expands.
   • For IT: Manages high-throughput environments without slowdowns.
   • For Management: Delivers reliable insights at every stage of growth.

Cyfin in Action

Consider this scenario: A department manager suspects excessive personal web use during work hours. The IT team pulls logs from their firewall, but what they get is a flood of technical entries—tens of thousands of lines including Windows telemetry, antivirus updates, background ad tracking, and cloud syncs.

With Cyfin, that same data is distilled into a clear, chronological report showing actual employee-initiated browsing—highlighting visits to shopping sites, video streaming platforms, and news articles. HR receives a clean PDF report that supports a productive and well-informed conversation with the employee in question.

Conclusion

Cyfin solves a problem that even seasoned IT professionals struggle with: how to turn raw firewall data into meaningful insights about employee web behavior. Its ability to separate human action from machine noise makes it an invaluable tool not just for IT, but for HR, Legal, and Management teams as well.

When accurate visibility into employee online activity matters, Cyfin is the solution that delivers clarity from chaos.

In today’s digital workplace, managing how employees use the internet is crucial for several reasons:

Network Security:

• Why it Matters: Malicious websites can expose your network to cyber threats.
• What Cyfin Does: Our system identifies and blocks access to high-risk sites, protecting your company’s data.

Productivity Enhancement:

• Why it Matters: Excessive non-work-related browsing can decrease productivity.
• What Cyfin Does: We provide insights into time spent on different activities, helping you foster a more focused work environment.

Web Application Usage:

• Why it Matters: Unauthorized app usage can lead to data leaks or reduced productivity.
• What Cyfin Does: Monitor and manage which applications are used, ensuring they align with business needs.

Policy Compliance:

• Why it Matters: Clear internet usage policies protect both the company and employees.
• What Cyfin Does: We help ensure everyone follows these policies, promoting a fair and secure online work culture.

Training & Optimization:

• Why it Matters: Educating employees on optimal internet use can significantly boost efficiency.
• What Cyfin Does: Our analytics tools provide data to tailor training programs that enhance digital literacy and productivity.

Key Takeaways:

• Monitoring isn’t about mistrust; it’s about creating a safer, more productive digital workspace.
• Data-driven insights can lead to better policies and practices.
• Employee education on internet usage can transform how your team interacts with digital tools.

For businesses looking to balance security, productivity, and employee well-being, understanding and implementing effective internet monitoring is essential.

#EmployeeInternetMonitoring #CyberSecurityEducation #WorkplaceProductivity #DigitalWorkplace #Cyfin

I previously discussed that employee Web use has much to do with human behavior in the workplace, and the management of it is not just an IT issue. All stakeholders and areas of the company can help manage employee Web use effectively. With IT investing time in researching and implementing the most suitable Web filtering and monitoring solution for the organization, collaborators in the company, such as senior managers, HR, and department managers, can get the right information in the right format. Ideally the solution would include a reporting engine or Smart Engine making it possible for collaborators to get a true picture of employee behavior. Here I’ll discuss the features of a Smart Engine and its importance in deriving human behavior from Web-use data.

First of all, what is a Smart Engine? A Smart Engine is a powerful reporting engine that helps companies make informed, data-driven decisions and take action on issues concerning the proper use of their network resources. It provides direct, easy, and fast access to data, and low-latency, real-time analytics. With its elaborate, distributed system, it is highly scalable and able to handle petabytes of data. A Smart Engine is built for speed and provides a scalable solution that is optimized for analytics retrieval.

Smart Engine analytics provide the information for reporting–charts and reports–to present accurate and up-to-date Web activity. The Smart Engine utilizes algorithms that perform functions such as determining real Web browsing activity, user names, and time online from Web traffic, and categorizing URLs into logical groups based on content. Without the Smart Engine and its analytics, the reporting components could not provide the adequate information that a company needs to manage employee Web use. The Smart Engine makes technical data usable and manager-ready. Examples of its algorithms are discussed below.

The most important algorithm is one that distinguishes between real Web browsing activity from user clicks (or visits) and background Web activity (unsolicited traffic or hits) by identifying the content of each URL. True visits are actual user clicks that do not include multimedia URLs, such as images, audio Web pages, advertisements, or Web pages that were requested as part of a visit, that is, unsolicited. The differentiation between Web traffic visits and hits is of high importance for companies that want to manage the human factor. Companies can get a true, meaningful picture of the level and type of Web activity occurring in their network.

When Web filtering and reporting products do not include user names in Web traffic records, user Web activity is lost and unaccounted for. The company may not even know that this is occurring. Another algorithm performed by the Smart Engine is a user name caching algorithm that uses the cache user name if available, versus the IP address, allowing you to capture all activity of the user and get more detailed data in reporting.

When users are online, they could be reading a Web page, performing another task in a different application with the browser open, or possibly away from the computer entirely with the browser open. A time online algorithm uses a highly accurate priority method for calculating users’ time online. Managers and IT administrators can quickly see which users, categories, sites, and so on had the most volume of activity and address any potential issues, such as productivity loss, bandwidth slowdowns, and policy noncompliance.

Another algorithm that produces Smart Engine analytics is a categorization algorithm. This algorithm is designed to report on all Web activity. With the extensive content categories available in the Web filtering and monitoring tool, this algorithm categorizes the organization’s Web activity so that managers can analyze their employees’ Web usage. Proper URL categorization detects and identifies a broad range and a high percentage of total Web activity.

The Smart Engine feeds data to the reporting components of a Web monitoring and filtering tool and provides analytics for determining human behavior. You will not get this type of data directly from any firewall on the market today. The raw data itself is only information about machine/network requests. It is not about human activity, but about the machine’s response to a human request to get or push information. The Smart Engine enables companies to quickly create simple Web browsing reports and analyze current or historical Web-use data from human behavior. This human behavior data is what is truly needed to effectively manage employee Web use to keep your employees and network safe.

Proper management of employee Web use requires that all company stakeholders be provided with the best possible information on the Web activity of their Internet users. Specifically, the right information needs to get to the right people in the right format. This might be a challenge for companies for various reasons. One reason is that managers who may want to address productivity issues with employees, based on their Internet use or abuse, do not have the information in an easy-to-read and actionable format. They may not even have reporting access to their department’s Web activity whether through data visualizations such as charts, e-mailed reports, or a manager portal.

Another reason is that if there is reporting on Web traffic in the organization, it may be inadequate in showing relevant human behavior in the workplace. That is to say, almost all Web-use reporting tools provide information at the computer transaction level, not the user activity level. Hits and requests are computer-to-computer connections, i.e., all the hits/requests made when a user clicks a link. Your IT or network person is interested in computer-to-computer or computer-to-server communication, i.e., hits, requests, bytes, etc. Managers are interested in visits, time online, categories, and classifications and cannot read computer-level communication reports that don’t mean anything in terms of human action.

Without knowing the human behavior in the organization, management is unable to define what is normal and flag anomalies that may indicate insider threats, i.e., human actions that threaten data security. They are also unable to detect trends in workforce productivity or determine whether an employee is in compliance with corporate policy. In this article, I will cover what you should expect from your Web monitoring and filtering solution to get the most accurate, actionable Web-use information to all company stakeholders, i.e., senior managers, IT, HR, and department managers.

Company stakeholders or collaborators require specific Web-use data and need the right information to make decisions and take action. Reliable Web-use metrics are pertinent to the output of accurate Web-use information. Metrics allow you to analyze patterns of human behavior to detect inappropriate or excessive Internet use, address employee behavioral issues, and discover events that could lead to a data breach. In your Web monitoring and filtering tool, you should be able to get this data presented in easy-to-read visualizations such as reporting dashboards, charts, and detailed audit reports. The tool should also be able to serve dashboards, reports, and metrics from an easy-to-use portal.

All of these reporting visualizations provide several benefits for IT staff, administrators, managers, HR personnel, and other users. They can supply specific information to a specific audience in the company, increasing efficiency and productivity. They can be used for analysis of human behavior which allows companies to manage and control employee Internet use. They can be customized to offer different types of analyses for different users and therefore serve different purposes. And they comprise different reporting types such as Operational, Strategic, and Analytical reporting, allowing customized reporting of the data.

Operational reporting shows activity that is happening now and is based on real-time data. With real-time employee Web-use metrics, IT can monitor Web activity in real time as well as employee bandwidth consumption. The data is updated frequently. Operational reporting components are designed to be viewed multiple times during the day. Real-time employee Web-use metrics give a real-time running display of the browsing behavior of employees, i.e., current user activity, and identifies bandwidth hogs in real time.

Strategic reporting summarizes performance over set time frames, for example, last week or last month, and its individual visualizations, such as dashboard charts, are updated on a recurring basis at less frequent intervals. In relation to key performance indicators or metrics, Strategic reporting can show a snapshot of top consumer Web activity with interactive visualizations providing the details. This data may be of interest to IT staff, managers, and HR personnel. With these interactive visualizations, collaborators can quickly discover and track which users, categories, or sites had the most activity, how much time users are spending online, and so on. With drill-down capability, these charts can provide the details of user Web activity for audits and investigations.

Analytical reporting shows trends in data over time as well as comparisons of Web activity. This data may be of interest to managers and HR personnel. Its data visualizations may consist of trend and comparison charts as well as detailed audit reports, allowing collaborators to analyze large volumes of Web activity data for long-term audits and forensic investigations. Comparison charts allow collaborators to compare the Web traffic for a set date range with that of a previous period to detect any anomalies in Web activity. Analytical reporting also includes categorized, detailed audit reports that can deliver a comprehensive analysis of user activity including their visits, search terms, and inappropriate sites. They can be quickly run as ad hoc reports saving time in audits or investigations.

As mentioned earlier, your Web monitoring and filtering tool should be able to serve these data visualizations from a portal that is accessible to managers as well as an IT administrator. IT should be able to easily distribute reports manually or schedule reports for automatic distribution to managers as necessary. In the self-service portal, managers would be able to create reports on their authorized groups without assistance from IT and drill down to detailed user Web activity.

While reliable metrics are a critical part of Web-use data, your tool should also include a Smart Engine that feeds that data to the reporting components and provides analytics for determining human behavior because the raw data itself is only information about machine/network requests. It is not about human activity, but about the machine’s response to a human request to get or push information. In the next article, we will discuss Smart Engine analytics and its importance in deriving human behavior from Web-use data.