Failing to put controls on employee web access causes multiple risks and cost problems:
When people use the browse the internet at their home they are used to go any website they click on and most persons are not aware of any potential security issues that might occur by going to websites.
The companies in Curaçao , just like in any other country, have to take several aspects in account when end-users are browsing the internet.
The following are some security related items that can occur if the company does not have a web protection policy and or if the company does not implement web protection.
If end-users are allowed to frequent unsafe sites – they are exposing company endpoints to malware via drive-by downloads, and related exploits.
There is no protection against end-users who fall for phishing attacks and click on links to malicious websites.
There is a increased exposure to watering hole attacks.
There is a increased exposure to compromised endpoints succeeding in contacting command and control servers and/or exfiltration of data.
Companies can implement web protection to increase employees productivity
End-users doing productive work on the Internet are slowed down by non-work related usage.
End-users will spend hours on personal social media and online shopping – especially during holiday seasons and by doing so are not productive for the company.
Employees that are spending time on non-work related sites indirectly costs the company money.
The company's customer service rating will degrade if employees are not able to fulfill a customer's request on a timely basis.
The employee him/herself may not reach his/her target goals to climb on higher on the company's hierarchy.
There are also bandwidth-related items if web access is left unchecked.
Internet related business processes such as backups, synchronization, use of cloud-based services and vpn connections suffer because bandwidth is being eaten up by non-business related content; including bandwidth hungry video, streaming music and social media.
Telecommunication costs grow in order to buy more bandwidth to address above issue.
Legal Issues.
Increased external liability to claims of responsibility for user’s use of company network for illegal activities and content.
Increased internal liability to claims of harassment enablement for user’s use of company network inappropriate activities and content.
To address the above mentioned risks you need to be able to:
Tie Internet traffic to application/service
Measure bandwidth by end-user/device
Measure usage time by end-user/device
Accurately categorize web-sites
Gain visibility into SSL encrypted traffic
Implement network rules and restrictions based on users/groups or network equipment.
Understand and analyze traffic at a much deeper level than traditional firewalls
Take into account time of day, day of week and even season.
Some of these requirements are pretty sophisticated. For instance many companies can’t simply block access to social media altogether. There may be many employees within the company that interact with customers or publish content via Facebook and Twitter. That’s where proxy server and next generation firewall technologies come in and make it possible to do things like detect and control what users access and do inside of certain sites and applications like Facebook. Maybe you want users to be able to even check personal Facebook accounts but you draw the line at playing games inside Facebook. Maybe you want to schedule that during official company's break-time there is a more relaxed web browsing restriction.
However like mentioned before the first step should be to outline a company written internet access policy where both the employee but also the employer acknowledge the company's policy.
Web protection can be implemented via an Unified Thread Management system or via the Managed Workstation solution by 5 Star Technology.
