FARMINGTON HILLS – Content filtering solutions are used primarily to limit and or log access to specific Web sites on the internet. These solutions are usually located just inside the corporate firewall and can either be placed in-line or are queried. Both of these strategies have their pros and cons.
The in-line variety content filter acts as a bridge whereby all communication traversing the Internet will be mirrored to a processor that will analyze the all traffic and identify specific content such as:
Instant messaging
http/https Web URLs and content
Online gaming traffic
The in-line content filter can present a warning to a user, block the traffic, and/or log the entire ?conversation.?
The ?queried? content filter is one that may be centrally located and can allow many different egress points throughout the corporation to access the Internet yet all of the Web traffic is authorized and/or logged. The advantage to this type of content filter is that there is only one server/appliance to manage while still maintaining a complete report of all Web traffic. The disadvantage to this method is that the in-line content filter can monitor many other types of traffic, not just http. Regardless of the solution implemented, the logging and recording capabilities of these systems can be leveraged to provide detailed understanding of the employee activity.
Content filtering solutions were originally designed to address the needs of corporations that want to give Internet access to employees without sacrificing productivity. An additional benefit was discovered by human resource (HR) departments eager to mitigate the possibility of employees accessing certain Web content while using corporate communication systems. While employee handbooks have had sexual harassment policies for decades, only recently can Internet usage policies strictly adhere to these policies with the use of content filters. HR departments continually urge IT staffs to leverage content filters to block employee access to pornographic Web images of or other non-acceptable content.
An organization must contemplate and identify business goals while paying attention to employee concerns before deploying any filters. For many years employees have had free access to the Internet; the introduction of a filter may cause negative morale and feelings of invasion of privacy?it is like trying to close Pandora?s Box. Communicating the policy and the presence of filtering solutions to employees is critical. A secret deployment could cause serious repercussions.
Beyond productivity and HR considerations, content filters naturally began to fit the needs of emerging compliance standards. Content filters can assist with:
Sarbanes-Oxley (SOX)
Health Insurance Portability and Accountability Act (HIPAA)
Gramm-Leach-Bliley (GLBA)
ISO17799 (BS17799)
PCI Data Security Standard
California Senate Bill No. 1386
NERC Cyber Security Standards
American Express Data Security Standards
MasterCard Site Data Protection Program
Visa Cardholder Information Security Program
Some companies are drawn to Web-filtering solutions by a lack of perceived control, especially in the wake of these new regulations, which are meant to protect privacy and oversee transactions.
Because organizations are keepers of vast amounts of sensitive data, including credit card numbers and Social Security numbers, there is no room for error. That means they simply cannot rely upon antivirus or anti-spyware blocking products for Internet security. Employees, too, can put organizations in financial and legal jeopardy when they disclose sensitive information through unauthorized Internet access by e-mail or instant messaging. And with the Sarbanes-Oxley Act and Gramm-Leach-Bliley pushing to protect nonpublic client data, financial organizations cannot afford to have less than the best in internet security solutions.
This column was written by Sandy Kronenberg, Chairman & President, of Netarx.
