WaveNews - Company Blog

WaveNews™ - Company Blog

Product updates, press releases and the latest developments in Web-use management & employee Internet monitoring from Wavecrest Computing.

Requirements of an effective employee Web-use management program

Because managing employee Web use deals with humans and their actions, it is a continuous process for all sizes and types of businesses, where the goal is to ensure employees use Web access safely for productive, work-related purposes. To attain a high level of success, I believe that this process requires a Web-use management program be put in place that involves many key players in the organization, communication of the company’s Web-use policy, implementation of a reliable tool to monitor and control Web use, and other important activities. In this article, I will discuss the requirements of an effective employee Web-use management program and the activities involved that will bring about safe and productive Internet use by the workforce.

The key ingredient in an effective program is collaboration and communication among the various groups in the company, i.e., senior management, Legal department, IT personnel, HR personnel, department managers and supervisors, and employees. Communication would include IT keeping company stakeholders informed about current hacker threats, as well as HR apprising senior management of pertinent employee Web-use behavior. Collaboration would occur among HR, IT, and department managers in training the workforce. Collaboration would also take place between IT and department heads to select the appropriate Web monitoring and filtering tool.

If you don’t have one already, another necessity of a Web-use management program is to develop a sound Acceptable Use Policy (AUP) consistent with corporate culture. The AUP should describe acceptable and unacceptable Web-use behavior, i.e., company rules for what constitutes desirable, acceptable, unacceptable, and abusive use of the Internet and other network resources. The policy should also clearly state how compliance will be monitored and what the consequences will be to employees abusing the use of network resources. Does your company have an AUP in place that spells out the rules to your employees?

To ensure adherence to the Web-use policy, it should be clearly communicated to the entire workforce, including management, informing them of what is and what is not acceptable in easily understood language. You may also want to have employees acknowledge that they read and understood the policy through a signed acknowledgement. HR and management personnel should hold meetings with workgroups to answer questions and provide any additional information. This fosters open communication in the workplace and allows employees to be more engaged in proper Internet usage.

In addition to communicating the policy to all concerned, another requirement of an effective Web-use management program is training employees on how to use Web access productively and safely. Whether training is conducted or coordinated by HR or in collaboration with managers and other department personnel, training sessions should cover Internet usage and related subjects. Specifically, employees need to be made aware of what sites they are visiting and what they are clicking on the Web. The purpose of training should be to encourage proper, productive, and safe use of network resources while reinforcing the information in the AUP.

An important requirement of a Web-use management program is to use a reliable software tool that is designed specifically to monitor compliance with Web-use policies and proactively control Web access. The tool should also include a smart reporting engine that distinguishes between user clicks (visits) and unsolicited traffic (hits) and easily presents accurate and up-to-date Web-use data, identifying desirable Web usage as well as unacceptable use and trends. Does your tool include a Smart Engine that analyzes Web traffic to better interpret human behavior? Does it generate easy-to-read, manager-ready reports? Does it give details on employee Web use with drill-down reporting capability? These are key features of a Web monitoring and filtering tool that will benefit IT, HR, and department managers.

Another activity that is necessary is following up with corrective actions when inappropriate Web access is detected. With a policy in place, personnel oriented, the workforce trained, and your Web monitoring and filtering solution actively monitoring and controlling Web use, there are still more activities to do. The tool will inevitably reveal patterns of inappropriate use or disclose signs of outright abuse. These incidents will require attention by HR and management personnel. After identifying the problems, management can take appropriate follow-up actions, such as counseling employees, training or retraining workers, changing work processes, and revising or clarifying the AUP. Managers may also need to institute follow-up audits on individual users and, in worst case, take disciplinary action including termination.

The final element of an effective employee Web-use management program that I will cover involves the establishment of a continuous improvement process by the collaboration team, i.e., HR, IT, department managers, etc. In this process, there would be frequent reviews of employee Web use, new Web services introduced into the network, and new security threats, modifications of work processes, and appropriate revisions of the AUP. All company stakeholders would be involved. What other activities have been effective in your company in managing employee Web use?

Unauthorized Web use can degrade workforce productivity, impact network performance, threaten network security, and create legal liabilities. Any of these outcomes can seriously impact your bottom line. An effective employee Web-use management program is essential to prevent this from happening. If the responsibilities of an effective program are carried out well, misuse and abuse of network resources will be minimized without damaging workforce engagement and morale. Getting accurate, actionable information to all collaborators is a must, and the tool that you are using should be able to provide this information. Next time I will discuss how to get this information with reliable metrics generated by a reporting tool.

Read more of my articles on Web-use management on LinkedIn and the Wavecrest blog: WaveNews.

World Cup 2018 starts next week… is your business ready?

The US may have disappointed many by being knocked out of the World Cup 2018, but don’t think fans will want to miss watching the games anyway. No matter where you are geographically, the World Cup is an event that carries fans even when their team doesn’t make it all the way! Is your business prepared for your employees’ inevitable streaming and Web surfing?

Even four years ago, many may have watched the World Cup on cable or satellite TV versus streaming. In 2018 though, many, known as cord-cutters, have even chosen to remove cable services at home and just stream on their televisions–making streaming a new way of life! Since the games are based in Russia this year, the time difference will likely cause games to be during working hours not only in the US, but even in Europe. Which means, devoted fans, I mean employees, may end up streaming at work potentially slowing down or clogging your bandwidth.

There is also the neverending threat of phishing e-mails and malicious ads. They tend to increase exponentially around events like this. Now is the time to make sure you have tools in place to block intentional or accidental access to malicious URL links, and have some refresher training for your employees on what to look for, avoid, and report.

The World Cup doesn’t happen often. It might be time to just let them catch some highlights on company time. But that doesn’t mean you have to risk productivity, bandwidth speed, or network and data security. CyBlock allows you to choose how much or how little risk, and to even change your mind in the middle. Let them enjoy without sacrificing your organizational priorities.

CyBlock® Employee Web Filtering and Monitoring Solutions provide advanced Web filtering, threat protection, comprehensive employee reporting, Smart Engine analytics, easy-to-use admin and manager portals, and more. Customers can easily configure CyBlock to monitor and manage compliance with their usage policies. CyBlock is available in various deployment options: CyBlock Software, CyBlock Appliance, CyBlock Mini Appliance, CyBlock Cloud, and CyBlock Hybrid as well as a Virtual Appliance version.

About Wavecrest
Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit Wavecrest.

No more consolidation confusion . . . just leading employee Web-use management solutions that fit.

Companies change, grow, restructure, merge, acquire, and get acquired. It’s business and we know how that can be. Those of us that have seen this happen from within know that true impacts to the general business structure and overall goals don’t really show up for a year or two. Rarely does an acquired or merged business stay the same. The impact though can be internal, within the employee structure or daily business operations, or there can be  more obvious external impact to the financial status of the business, such as going private, or to the customer base focus. The last being the most likely to cause a domino-style effect of disruption.

Now is the time to really consider how to handle the consolidation changes that have been announced by Forcepoint. With the Raytheon acquisition of Websense a few years ago, everyone knew changes would come eventually. Unfortunately, the recently announced business consolidation will tend to leave some traditional Web-use management customers out in the cold. Whether you were a Websense customer before Raytheon or have gone to Forcepoint looking for the Websense-style solution in the last few years, you know what you are looking for from a Web-use management solution. Give CyBlock and Cyfin a try. Depending on what you need for your unique business, the first and only decision you need to make is Wavecrest. With deployments to fit every business size, type, and need, Wavecrest will allow you the comfort of moving away from the large corporate hassles to a successful, mature, privately held vendor that proudly focuses on customer needs and technological advancements.

Leave the government contractor-level pricing, contractual terms, and confusion behind. Don’t become another ticket number. Let Wavecrest focus on your business and your specific requirements. Contact us and speak to a U.S.-based customer service or technical support person today. We consider it part of the job to keep our customers happy.

CyBlock® Employee Web Filtering and Monitoring Solutions provide advanced Web filtering, threat protection, comprehensive employee reporting, Smart Engine analytics, easy-to-use admin and manager portals, and more. Customers can easily configure CyBlock to monitor and manage compliance with their usage policies. CyBlock is available in various deployment options: CyBlock Software, CyBlock Appliance, CyBlock Mini Appliance, CyBlock Cloud, and CyBlock Hybrid as well as a Virtual Appliance version.

Cyfin® provides advanced employee Web-use analysis and reporting for a wide variety of gateway devices and log file formats. Comprehensive yet easy to use, its customized reporting capabilities supply audience-specific Web-use information with reliable metrics, easy-to-read reporting dashboards, manager-ready detailed audit reports, and Smart Engine analytics. Cyfin is available in various deployment options: Cyfin Software, Cyfin Forensic, and Cyfin VM.

About Wavecrest
Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit Wavecrest.

Collaboration with others and acquiring the right Web filtering and monitoring solution are critical in IT’s role in managing employee Web use

When it comes to a company’s Internet-connected network, the IT department or person is responsible for not only providing the right access to the Internet to employees, but keeping the company’s network and data secure. In order to do this, IT must invest time in examining the most suitable Web filtering and monitoring solution for the organization and implement it. Besides deploying firewalls, network security equipment, and data loss prevention tools to keep hackers out, IT also needs to keep all company stakeholders informed about the latest tactics being used by hackers to trick employees and compromise security measures put in place. In this article, I will cover why collaboration and input from others as well as the need for research and implementation of the right security equipment are important in managing employee Web use effectively in the organization.

Today, the biggest security threats are not from firewall breaches, but from trusted internal employees who are getting tricked into doing the wrong things, compromising all the well-planned and expensive security measures put in place by IT. To ensure productive and safe Internet access by all employees, actual usage needs to be monitored and controlled. IT needs to implement a reliable Web security tool that can monitor and report on Web use as well as control access to specific Web sites. This type of tool would help identify threats and attacks in the company’s network and also deliver accurate results in Web activity reporting. It would provide data that is easy to consume by all audiences in the company including department managers and HR personnel.

Another important IT task in managing employee Web use is granting the proper authorization to users and groups in the company. In so doing, IT can restrict access to Web sites based on need, to only sites that allow the employee to perform his/her job, or to only data associated with managers’ authorized users. With the right tool implemented, IT can also send easy-to-read reports directly to managers by manual distribution via e-mail or automatic distribution via scheduling. To make their job even easier, if the Web security tool includes a reporting-only access portal, IT, by only controlling portal access privileges, can grant self-service access to managers and HR, allowing them to run their own reports on their authorized groups without needing assistance.

As part of their role in employee Web-use management, IT must collaborate with all company stakeholders, i.e., senior managers, Legal, HR, and department managers. When IT is looking for an appropriate tool for these collaborators to use, it is important that the tool includes a Smart Engine that analyzes Web-use data in order to better interpret human behavior. The generated information can then be easily consumed by all including nontechnical personnel. IT would not need to massage or manipulate the data or be burdened by having to answer a lot of questions. The generated information would be best presented in easy-to-read, manager-ready, drill-down reports that give more detail on employees’ Web traffic. As part of this collaboration, IT should share pertinent information with HR and management when the Web filtering and monitoring product reveals patterns of inappropriate use. In this way, HR and management can determine the appropriate action to be taken.

Cyber attacks are growing in prominence every day targeting small and large businesses. On average, more than 4,000 ransomware attacks have occurred daily since 2016. 1 in 131 e-mails contains malware. As the number of malware types and variants continues to grow and evolve to bypass your antivirus program and other levels of protection, it is necessary for your IT team to keep well-informed of the latest hacker exploits and attacks, and put in place a secure Web filtering and monitoring solution to detect and block malware and other online threats.

An IT administrator that is on top of how network criminals operate and their latest techniques needs to communicate with HR to adequately protect the network from intrusion. Prompt communication of hackers’ latest tactics that focus on exploiting employees will help HR formulate a proper training and informational program on how to identify and avoid these types of exploits. IT can help HR flush out what they need to be training employees on, i.e., what to do and what not to do on the Internet. This type of training will hopefully help reduce the likelihood that an employee will open a suspicious e-mail or click unsolicited attachments in an e-mail if opened, and help to better ideed or unknown sites. Are your employees being provided with this training

IT plays a fundamental role in the proper management of employee Web use. Every year, hackers come up with new ways to trick users into giving up sensitive data, revealing credentials to their accounts, or clicking links to malicious Web sites. It is imperative that IT take the time to thoroughly research and implement the right Web filtering and monitoring tool to protect employees and the company’s network. It is also critical that this tool includes a Smart Engine to analyze the technical data and provide the necessary information on human activity. IT also needs to communicate the latest hacker tricks and traps to all stakeholders in the company, including HR and management, so that the workforce can be properly trained. Collaboration, communication, and training are essential to an effective employee Web-use management program. In the next articles, we will delve into the requirements of an effective employee Web-use management program, the importance of creating a well-designed Acceptable Use Policy, and other topics related to employee Web-use management.

Please let me know your thoughts on and reactions to this article and my questions by adding a comment. What challenges does your IT department or person face in managing employee Internet use effectively? Is IT communicating security vulnerabilities and exploits to your HR personnel, managers, and other company stakeholders?

Follow me on LinkedIn or read more articles on Web-use management on the Wavecrest blog: WaveNews.

HR is best suited to bring all company stakeholders together to ensure safe and productive Internet access

employee Web-use management

My discussion here is about the suitability of HR being the hub for employee Web-use management where all company stakeholders are brought together to ensure safe and productive Internet use by all employees. For one, HR’s expertise typically includes personnel policy, codes of conduct, labor relations, workforce training, legal compliance issues, and workforce morale, all of which relate to the employee Web-use management issue. Because of their expertise in policy, training, and processes, HR is in the best position to coordinate the tasks of proposing and developing solutions to ensure that employee Web use is properly managed. After all, Web-use management is not just an IT issue. It is all about employee behavior, productivity, and morale. What Internet-use people issues are you seeing in your company? How are you solving them?

Communication is key in HR’s collaboration with managers, IT, and employees in the company. Starting at the top of the company, HR can educate senior managers on the importance of employee Web-use management, get their input, and keep them involved. By collaborating with IT whose access to highly accurate Web-use reporting and filtering tools can produce easy-to-consume Web activity data, HR can keep upper management apprised of pertinent employee Web behavior. This allows HR to contribute to the organization’s profitability and help keep the company out of severe legal difficulty–important business objectives for senior managers.

As the focal point in the employee Web-use management effort, HR can also schedule Web-use training programs for managers and employees, coordinating with Legal, IT, or department managers who observe a need or have the specific knowledge to train the workforce. Training could include instruction on the proper use of network resources, how to recognize a phishing e-mail message, how to detect malware symptoms, how to recognize and report other online threats, and other Web-use topics. Essentially, training would teach employees how to use Web access productively and safely. In this way, all areas of the company play an important role in proper network resources and policy training that would have a significant impact on corporate Web security. Are these types of training programs taking place in your company?

 

Another HR task would be to communicate the company’s Acceptable Use Policy (AUP) to the workforce by providing it in writing or electronically, requiring a signature to indicate acceptance of the policy. If you do not have a policy, HR, in collaboration with IT, Legal, and senior managers, would be well-suited to establish a sound AUP consistent with your company’s culture. Once the policy is created, HR can work with functional managers and IT to ensure optimum implementation of the policy. As Web activity is analyzed over time, HR can revise the policy as necessary. Managers and HR would work together to ensure employees are complying with the Web-use policy. Along with managers, HR would be involved in specific cases of policy noncompliance.

In communicating the policy to the workforce, HR would focus on promoting the interest of the company as a whole, while helping to maintain or improve employee morale. Managing employees’ use of Web-access resources is a sensitive and complex task, one that involves communicating with all groups–senior managers, managers, IT, and employees–and deals with policy, training, and continuous improvement processes. With HR as the hub, the continuous improvement process would involve the frequent review of employee Web use, new Web services introduced into the network, and new security threats, as well as modification of work processes and appropriate revision of the AUP.

All areas of the company can help manage employee Web use effectively. In the next articles, we will examine more closely IT’s role in employee Web-use management, the requirements of an effective Web-use management program, developing a sound AUP consistent with corporate culture, and other topics related to the human factor of data security.

Please let me know your thoughts on and reactions to this article and my questions by adding a comment. If HR is leading the Web-use management efforts in your business, in what other ways are they collaborating with others in the company?

Follow me on LinkedIn or read more articles on Web-use management on the Wavecrest blog: WaveNews.

© Copyright 1996-2018 Wavecrest Computing. All Rights Reserved.

Trusted Worldwide

Call toll-free: 1-877-442-9346
International: 001-321-953-5351
"When I seek out a company to provide a product or service, I want it all -- a great product, a great price, a salesperson that is responsive and treats me like I am their only customer, and technical support that is intelligent, easy to access, and easy to understand. Wavecrest meets all of these criteria."

-Karleen Carlson, IT Manager, Van Diest Supply Company
LEGAL PRIVACY | © Copyright 1996-2018 Wavecrest Computing. All Rights Reserved.
Facebook Twitter Linkedin Blog Google+ YouTube Knowledge Base