WaveNews - Company Blog

WaveNews™ - Company Blog

Product updates, press releases and the latest developments in Web-use management & employee Internet monitoring from Wavecrest Computing.

Really? Is it really time to think about holiday shopping? Already?!

Manage Holiday Web Usage with CyBlock

Yes–now is the time. The holidays are right around the corner and definitely require attention now so your business can prepare for the increase in Web usage and the associated risks. There are many reasons for your business to pay close attention to Internet activity at this time of year (and all year). But there is one primary focus that could easily help with all the cyber risks to your business–managing the natural human vulnerability that cyber thieves take advantage of.

Did you know that most breaches are initially caused by employee error? “Ninety-two percent of all incidents are, and 84 percent of all data breaches were, unintentional or inadvertent in nature,” states an article from iapp.org. No matter what kind of data loss or breach it is, human error likely played a very important role.

Shopping season can bring out even more human vulnerabilities than usual. Malicious Web sites can look real and carry what looks like legitimate product offerings, advertising can be more enticing with hard-to-resist discounts, and e-mails can come from legitimate e-mail addresses hacked by these talented criminals. Humans’ emotional nature can make it hard to resist when we are all looking for that special or hard-to-get gift. It is important to make sure your business–and your employees–are protected by an easy-to-setup solution that is comprehensive and proactive.

This is easier than you think. Access to a comprehensive Web management solution will allow you to manage usage in a way that suits your unique business philosophy. This includes whether you want to allow or restrict access to certain Web sites at a particular time of day, monitor usage with reporting features by analyzing trends and tracking usage, or just meet compliance and regulation requirements.

This time of year, it is important to spend some extra time paying attention to your organization’s Web use. But Web-use management should be part of your business process and security all year round. Find a solution that is flexible enough to grow or change with you throughout the year, and for this time of year … let them shop … and know you are still being proactive and secure.

CyBlock® Employee Web Filtering and Monitoring Solutions provide advanced Web filtering, threat protection, comprehensive employee reporting, Smart Engine analytics, easy-to-use admin and manager portals, and more. Customers can easily configure CyBlock to monitor and manage compliance with their usage policies. CyBlock is available in various deployment options: CyBlock Virtual Appliance, CyBlock Appliance, CyBlock Mini Appliance, CyBlock Cloud, and CyBlock Hybrid.

Cyfin® provides advanced employee Web-use analysis and reporting for a wide variety of gateway devices and log file formats. Comprehensive yet easy to use, its customized reporting capabilities supply audience-specific Web-use information with reliable metrics, easy-to-read reporting dashboards, manager-ready detailed audit reports, and Smart Engine analytics. Cyfin is available in various deployment options: Cyfin Virtual Appliance and Cyfin Forensic.

Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. IT specialists, business managers, HR professionals, Managed Service Providers, and Forensics Investigators trust Wavecrest’s Cyfin and CyBlock products to easily decipher and manage real employee Web activity, manage cloud services, reduce liability risks, improve productivity, save bandwidth, and control costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit Wavecrest.

Determining employee Web-use behavior with Smart Engine analytics

Determining employee Web-use behavior with Smart Engine analytics

I previously discussed that employee Web use has much to do with human behavior in the workplace, and the management of it is not just an IT issue. All stakeholders and areas of the company can help manage employee Web use effectively. With IT investing time in researching and implementing the most suitable Web filtering and monitoring solution for the organization, collaborators in the company, such as senior managers, HR, and department managers, can get the right information in the right format. Ideally the solution would include a reporting engine or Smart Engine making it possible for collaborators to get a true picture of employee behavior. Here I’ll discuss the features of a Smart Engine and its importance in deriving human behavior from Web-use data.

First of all, what is a Smart Engine? A Smart Engine is a powerful reporting engine that helps companies make informed, data-driven decisions and take action on issues concerning the proper use of their network resources. It provides direct, easy, and fast access to data, and low-latency, real-time analytics. With its elaborate, distributed system, it is highly scalable and able to handle petabytes of data. A Smart Engine is built for speed and provides a scalable solution that is optimized for analytics retrieval.

Smart Engine analytics provide the information for reporting–charts and reports–to present accurate and up-to-date Web activity. The Smart Engine utilizes algorithms that perform functions such as determining real Web browsing activity, user names, and time online from Web traffic, and categorizing URLs into logical groups based on content. Without the Smart Engine and its analytics, the reporting components could not provide the adequate information that a company needs to manage employee Web use. The Smart Engine makes technical data usable and manager-ready. Examples of its algorithms are discussed below.

The most important algorithm is one that distinguishes between real Web browsing activity from user clicks (or visits) and background Web activity (unsolicited traffic or hits) by identifying the content of each URL. True visits are actual user clicks that do not include multimedia URLs, such as images, audio Web pages, advertisements, or Web pages that were requested as part of a visit, that is, unsolicited. The differentiation between Web traffic visits and hits is of high importance for companies that want to manage the human factor. Companies can get a true, meaningful picture of the level and type of Web activity occurring in their network.

When Web filtering and reporting products do not include user names in Web traffic records, user Web activity is lost and unaccounted for. The company may not even know that this is occurring. Another algorithm performed by the Smart Engine is a user name caching algorithm that uses the cache user name if available, versus the IP address, allowing you to capture all activity of the user and get more detailed data in reporting.

When users are online, they could be reading a Web page, performing another task in a different application with the browser open, or possibly away from the computer entirely with the browser open. A time online algorithm uses a highly accurate priority method for calculating users’ time online. Managers and IT administrators can quickly see which users, categories, sites, and so on had the most volume of activity and address any potential issues, such as productivity loss, bandwidth slowdowns, and policy noncompliance.

Another algorithm that produces Smart Engine analytics is a categorization algorithm. This algorithm is designed to report on all Web activity. With the extensive content categories available in the Web filtering and monitoring tool, this algorithm categorizes the organization’s Web activity so that managers can analyze their employees’ Web usage. Proper URL categorization detects and identifies a broad range and a high percentage of total Web activity.

The Smart Engine feeds data to the reporting components of a Web monitoring and filtering tool and provides analytics for determining human behavior. You will not get this type of data directly from any firewall on the market today. The raw data itself is only information about machine/network requests. It is not about human activity, but about the machine’s response to a human request to get or push information. The Smart Engine enables companies to quickly create simple Web browsing reports and analyze current or historical Web-use data from human behavior. This human behavior data is what is truly needed to effectively manage employee Web use to keep your employees and network safe.

Read more of my articles on Web-use management on LinkedIn and the Wavecrest blog: WaveNews.

Reliable Web-use metrics help get accurate, actionable information to company stakeholders

Reliable Web-use metrics

Proper management of employee Web use requires that all company stakeholders be provided with the best possible information on the Web activity of their Internet users. Specifically, the right information needs to get to the right people in the right format. This might be a challenge for companies for various reasons. One reason is that managers who may want to address productivity issues with employees, based on their Internet use or abuse, do not have the information in an easy-to-read and actionable format. They may not even have reporting access to their department’s Web activity whether through data visualizations such as charts, e-mailed reports, or a manager portal.

Another reason is that if there is reporting on Web traffic in the organization, it may be inadequate in showing relevant human behavior in the workplace. That is to say, almost all Web-use reporting tools provide information at the computer transaction level, not the user activity level. Hits and requests are computer-to-computer connections, i.e., all the hits/requests made when a user clicks a link. Your IT or network person is interested in computer-to-computer or computer-to-server communication, i.e., hits, requests, bytes, etc. Managers are interested in visits, time online, categories, and classifications and cannot read computer-level communication reports that don’t mean anything in terms of human action.

Without knowing the human behavior in the organization, management is unable to define what is normal and flag anomalies that may indicate insider threats, i.e., human actions that threaten data security. They are also unable to detect trends in workforce productivity or determine whether an employee is in compliance with corporate policy. In this article, I will cover what you should expect from your Web monitoring and filtering solution to get the most accurate, actionable Web-use information to all company stakeholders, i.e., senior managers, IT, HR, and department managers.

Company stakeholders or collaborators require specific Web-use data and need the right information to make decisions and take action. Reliable Web-use metrics are pertinent to the output of accurate Web-use information. Metrics allow you to analyze patterns of human behavior to detect inappropriate or excessive Internet use, address employee behavioral issues, and discover events that could lead to a data breach. In your Web monitoring and filtering tool, you should be able to get this data presented in easy-to-read visualizations such as reporting dashboards, charts, and detailed audit reports. The tool should also be able to serve dashboards, reports, and metrics from an easy-to-use portal.

All of these reporting visualizations provide several benefits for IT staff, administrators, managers, HR personnel, and other users. They can supply specific information to a specific audience in the company, increasing efficiency and productivity. They can be used for analysis of human behavior which allows companies to manage and control employee Internet use. They can be customized to offer different types of analyses for different users and therefore serve different purposes. And they comprise different reporting types such as Operational, Strategic, and Analytical reporting, allowing customized reporting of the data.

Operational reporting shows activity that is happening now and is based on real-time data. With real-time employee Web-use metrics, IT can monitor Web activity in real time as well as employee bandwidth consumption. The data is updated frequently. Operational reporting components are designed to be viewed multiple times during the day. Real-time employee Web-use metrics give a real-time running display of the browsing behavior of employees, i.e., current user activity, and identifies bandwidth hogs in real time.

Strategic reporting summarizes performance over set time frames, for example, last week or last month, and its individual visualizations, such as dashboard charts, are updated on a recurring basis at less frequent intervals. In relation to key performance indicators or metrics, Strategic reporting can show a snapshot of top consumer Web activity with interactive visualizations providing the details. This data may be of interest to IT staff, managers, and HR personnel. With these interactive visualizations, collaborators can quickly discover and track which users, categories, or sites had the most activity, how much time users are spending online, and so on. With drill-down capability, these charts can provide the details of user Web activity for audits and investigations.

Analytical reporting shows trends in data over time as well as comparisons of Web activity. This data may be of interest to managers and HR personnel. Its data visualizations may consist of trend and comparison charts as well as detailed audit reports, allowing collaborators to analyze large volumes of Web activity data for long-term audits and forensic investigations. Comparison charts allow collaborators to compare the Web traffic for a set date range with that of a previous period to detect any anomalies in Web activity. Analytical reporting also includes categorized, detailed audit reports that can deliver a comprehensive analysis of user activity including their visits, search terms, and inappropriate sites. They can be quickly run as ad hoc reports saving time in audits or investigations.

As mentioned earlier, your Web monitoring and filtering tool should be able to serve these data visualizations from a portal that is accessible to managers as well as an IT administrator. IT should be able to easily distribute reports manually or schedule reports for automatic distribution to managers as necessary. In the self-service portal, managers would be able to create reports on their authorized groups without assistance from IT and drill down to detailed user Web activity.

While reliable metrics are a critical part of Web-use data, your tool should also include a Smart Engine that feeds that data to the reporting components and provides analytics for determining human behavior because the raw data itself is only information about machine/network requests. It is not about human activity, but about the machine’s response to a human request to get or push information. In the next article, we will discuss Smart Engine analytics and its importance in deriving human behavior from Web-use data.

Read more of my articles on Web-use management on LinkedIn.

 

Requirements of an effective employee Web-use management program

Because managing employee Web use deals with humans and their actions, it is a continuous process for all sizes and types of businesses, where the goal is to ensure employees use Web access safely for productive, work-related purposes. To attain a high level of success, I believe that this process requires a Web-use management program be put in place that involves many key players in the organization, communication of the company’s Web-use policy, implementation of a reliable tool to monitor and control Web use, and other important activities. In this article, I will discuss the requirements of an effective employee Web-use management program and the activities involved that will bring about safe and productive Internet use by the workforce.

The key ingredient in an effective program is collaboration and communication among the various groups in the company, i.e., senior management, Legal department, IT personnel, HR personnel, department managers and supervisors, and employees. Communication would include IT keeping company stakeholders informed about current hacker threats, as well as HR apprising senior management of pertinent employee Web-use behavior. Collaboration would occur among HR, IT, and department managers in training the workforce. Collaboration would also take place between IT and department heads to select the appropriate Web monitoring and filtering tool.

If you don’t have one already, another necessity of a Web-use management program is to develop a sound Acceptable Use Policy (AUP) consistent with corporate culture. The AUP should describe acceptable and unacceptable Web-use behavior, i.e., company rules for what constitutes desirable, acceptable, unacceptable, and abusive use of the Internet and other network resources. The policy should also clearly state how compliance will be monitored and what the consequences will be to employees abusing the use of network resources. Does your company have an AUP in place that spells out the rules to your employees?

To ensure adherence to the Web-use policy, it should be clearly communicated to the entire workforce, including management, informing them of what is and what is not acceptable in easily understood language. You may also want to have employees acknowledge that they read and understood the policy through a signed acknowledgement. HR and management personnel should hold meetings with workgroups to answer questions and provide any additional information. This fosters open communication in the workplace and allows employees to be more engaged in proper Internet usage.

In addition to communicating the policy to all concerned, another requirement of an effective Web-use management program is training employees on how to use Web access productively and safely. Whether training is conducted or coordinated by HR or in collaboration with managers and other department personnel, training sessions should cover Internet usage and related subjects. Specifically, employees need to be made aware of what sites they are visiting and what they are clicking on the Web. The purpose of training should be to encourage proper, productive, and safe use of network resources while reinforcing the information in the AUP.

An important requirement of a Web-use management program is to use a reliable software tool that is designed specifically to monitor compliance with Web-use policies and proactively control Web access. The tool should also include a smart reporting engine that distinguishes between user clicks (visits) and unsolicited traffic (hits) and easily presents accurate and up-to-date Web-use data, identifying desirable Web usage as well as unacceptable use and trends. Does your tool include a Smart Engine that analyzes Web traffic to better interpret human behavior? Does it generate easy-to-read, manager-ready reports? Does it give details on employee Web use with drill-down reporting capability? These are key features of a Web monitoring and filtering tool that will benefit IT, HR, and department managers.

Another activity that is necessary is following up with corrective actions when inappropriate Web access is detected. With a policy in place, personnel oriented, the workforce trained, and your Web monitoring and filtering solution actively monitoring and controlling Web use, there are still more activities to do. The tool will inevitably reveal patterns of inappropriate use or disclose signs of outright abuse. These incidents will require attention by HR and management personnel. After identifying the problems, management can take appropriate follow-up actions, such as counseling employees, training or retraining workers, changing work processes, and revising or clarifying the AUP. Managers may also need to institute follow-up audits on individual users and, in worst case, take disciplinary action including termination.

The final element of an effective employee Web-use management program that I will cover involves the establishment of a continuous improvement process by the collaboration team, i.e., HR, IT, department managers, etc. In this process, there would be frequent reviews of employee Web use, new Web services introduced into the network, and new security threats, modifications of work processes, and appropriate revisions of the AUP. All company stakeholders would be involved. What other activities have been effective in your company in managing employee Web use?

Unauthorized Web use can degrade workforce productivity, impact network performance, threaten network security, and create legal liabilities. Any of these outcomes can seriously impact your bottom line. An effective employee Web-use management program is essential to prevent this from happening. If the responsibilities of an effective program are carried out well, misuse and abuse of network resources will be minimized without damaging workforce engagement and morale. Getting accurate, actionable information to all collaborators is a must, and the tool that you are using should be able to provide this information. Next time I will discuss how to get this information with reliable metrics generated by a reporting tool.

Read more of my articles on Web-use management on LinkedIn and the Wavecrest blog: WaveNews.

World Cup 2018 starts next week… is your business ready?

The US may have disappointed many by being knocked out of the World Cup 2018, but don’t think fans will want to miss watching the games anyway. No matter where you are geographically, the World Cup is an event that carries fans even when their team doesn’t make it all the way! Is your business prepared for your employees’ inevitable streaming and Web surfing?

Even four years ago, many may have watched the World Cup on cable or satellite TV versus streaming. In 2018 though, many, known as cord-cutters, have even chosen to remove cable services at home and just stream on their televisions–making streaming a new way of life! Since the games are based in Russia this year, the time difference will likely cause games to be during working hours not only in the US, but even in Europe. Which means, devoted fans, I mean employees, may end up streaming at work potentially slowing down or clogging your bandwidth.

There is also the neverending threat of phishing e-mails and malicious ads. They tend to increase exponentially around events like this. Now is the time to make sure you have tools in place to block intentional or accidental access to malicious URL links, and have some refresher training for your employees on what to look for, avoid, and report.

The World Cup doesn’t happen often. It might be time to just let them catch some highlights on company time. But that doesn’t mean you have to risk productivity, bandwidth speed, or network and data security. CyBlock allows you to choose how much or how little risk, and to even change your mind in the middle. Let them enjoy without sacrificing your organizational priorities.

CyBlock® Employee Web Filtering and Monitoring Solutions provide advanced Web filtering, threat protection, comprehensive employee reporting, Smart Engine analytics, easy-to-use admin and manager portals, and more. Customers can easily configure CyBlock to monitor and manage compliance with their usage policies. CyBlock is available in various deployment options: CyBlock Software, CyBlock Appliance, CyBlock Mini Appliance, CyBlock Cloud, and CyBlock Hybrid as well as a Virtual Appliance version.

About Wavecrest
Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit Wavecrest.


Load More Wavecrest Blog Posts

© Copyright 1996-2018 Wavecrest Computing. All Rights Reserved.

Trusted Worldwide

Call toll-free: 1-877-442-9346
International: 001-321-953-5351
"When I seek out a company to provide a product or service, I want it all -- a great product, a great price, a salesperson that is responsive and treats me like I am their only customer, and technical support that is intelligent, easy to access, and easy to understand. Wavecrest meets all of these criteria."

-Karleen Carlson, IT Manager, Van Diest Supply Company
LEGAL PRIVACY | © Copyright 1996-2018 Wavecrest Computing. All Rights Reserved.
Facebook Twitter Linkedin Blog Google+ YouTube Knowledge Base