Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

The Choice Between Managing Internet Access And Blocking It

Blue Cube Security : 20 May, 2010  (Special Report)
Rob Swainson, Managing Director of Blue Cube discusses the use of social networking in the workplace and provides some insight into making the decision whether to embrace change and manage access or block access to new media tools
IT has undoubtedly become the backbone for business operations the world over - with business critical and administrative processes relying on the speed and efficiencies of technology to function competitively.

In tandem, personal take up of technology has grown exponentially - 76% of the UK population now uses the internet (46,683,900) - growth of 180% over the last nine years. Globally over the last decade, we have witnessed a massive 380% increase in usage of the internet. According to research undertaken by The Nielsen Company, social networks and blogs are the most popular global online category, when ranked by average time spent in December 2009. The UK had 29,129,000 social media and blog users that month, each spending an average of six hours and 8 minutes online. Facebook alone had 206.9 million unique visitors in December 2009 and was the most popular global social networking destination that month.

Online Networking: A Threat to Business?

Inevitably, with online activity becoming such an intrinsic part of our daily lives, organisations are witnessing a significant and growing increase in the time employees are plugged into the web - and particularly social networking sites - during working hours. Understandably, serious concerns have been voiced around the huge impact of such activity on business performance and security - with very real reason. It is estimated that billions of pounds are lost in productivity every year as a direct result of staff clocking up hundreds of hours each day visiting social networking sites. Protracted connection to the internet by individuals also has a negative impact on the level of bandwidth available for business critical applications.

A bigger threat still is the potential loss or sharing of confidential MI when logging into external sites and uploading information without the necessary gateway filtering in place. Social networking sites have become obvious targets for identity theft and hacker attacks, with the placement of malicious worms and viruses veiled as legitimate user material. The growing application community that encourages users to create and share their own applications, also, introduces potential new malware and virus threats to organisations where corporate addresses are utilised by staff when communicating with social networks.

The obvious reaction to the potential threat from interface with social networks at work is to introduce a complete block for employee usage and there is certainly the technology available to implement such a ban. Such blanket prevention, however, has its own dangers and can be hard to regulate. For increasingly technologically literate users, there are always routes to circumvent blocks put in place by employers. If social networking sites are no longer 'legally' accessible at work, staff will reach them via proxy sites, the content of which is unknown and could pose a significant security threat to an organisation.

At a reputational level, it is not just individuals who might jeopardise their careers by posting inappropriate content about their personal lives on social networking sites - and we have recently read about several cases where P45's have been handed out as a result of such revelations, even by senior managers. Much more worryingly for an organisation is the severe and real danger of its corporate brand being irreversibly damaged by negative, sensitive or defamatory content that might be posted by staff on the web. This is an especially real threat during the current economic climate, when many employees are disillusioned by additional workloads resulting from colleagues' redundancies and a general environment of insecurity within the office.

Perhaps the most dangerous oversight made by those employers that take the decision to block access, however, is not educating staff as to why social networking sites pose a very real threat to the business and improving awareness as to the potential pitfalls and steps that can be taken to minimise the risks.

Realising the Benefits

For those companies that decide to manage rather than block employee access to the internet, the rewards to the business can be very real. Using social networking tools in the right way can deliver substantial return on investment. Used legitimately and intelligently, the more business centric online sites such as LinkedIn, Twitter and various blogs, can provide forums for executives to share professional experiences around business critical issues and carry out virtual networking.

Senior managers can carve out a thought leading position through the selective use of topical blogs - creating internet 'buzz', building credibility, attracting website traffic and increasing search engine ranking. Social networking sites offer innovative communication channels and even a mechanism for bringing in new business - indeed social media marketing is estimated to grow at an annual rate of 34% - faster than any other form of online marketing and double the average growth rate of 17 % for all online mediums.

Creating a Secure Environment

There are, happily, a series of steps that can be taken to minimise risk and realise the very real benefits that managing the use of social networking sites can deliver.

Monitor Network Usage

A first step that organisations can take to ascertain levels of employee online activity is to have their networks passively monitored to manage data loss or leakage which can be caused when employees use their corporate addresses to access social networking sites and upload messages and information. Data leakage prevention (DLP) solutions can then be developed to address any problems that are identified.

Take Control

The use of social networking sites and blogs can be monitored at email, web and instant messaging gateways and access controlled according to a variety of criteria, including type of site, content and specific company policies. Organisations might also consider restricting access to these sites to specific times of the working day for different users to free up bandwidth.

Regulating Proxy Servers

The management and monitoring of external Proxy servers will also allow organisations to monitor any employees bypassing company security controls and as a result leaving the organisation vulnerable to a high risk security breach.

Be Clear on Corporate Policy

In the fight against online threats, corporate policy is key - there is no point in an organisation throwing money at technology to safeguard its networks without the relevant robust policies in place to ensure a consistent and long term solution to the issue. Once basic policies are in place, they can be tailored to incorporate any necessary authorisation and user procedures. Users can be classified in several ways - such as by department, seniority, role, status (eg third party partners such as contractors and consultants). Different organisations will require different levels of security profile to reflect their particular requirements and this should also be indicated in the corporate policy: companies need to be aware of the information that it shares with its staff and that the relevant security precautions are in place.

Educate your Employees

Once in place, all policies need to be communicated to employees across the organisation to encourage understanding and maximise compliance. Only when a workforce is fully aware of the implications that its personal actions could have on the business, can an organisation expect full buy-in and responsible behaviour. There will also be HR implications with regard to disciplinary action for abuse of the policies, around which strategies will need to be developed and deployed across the organisation.

Online networking is here to stay and will play a progressively intrinsic role in the way that companies operate and marketing themselves. The benefits of tapping into this innovative advancement are very genuine and the threats - whilst equally real - can be mitigated with the introduction of vigorous corporate policies supported by robust technologies provided by trusted partners. Embracing change should enhance, not compromise, business performance.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo