Requirements of an effective employee Web-use management program

June 14th, 2018

Because managing employee Web use deals with humans and their actions, it is a continuous process for all sizes and types of businesses, where the goal is to ensure employees use Web access safely for productive, work-related purposes. To attain a high level of success, I believe that this process requires a Web-use management program be put in place that involves many key players in the organization, communication of the company’s Web-use policy, implementation of a reliable tool to monitor and control Web use, and other important activities. In this article, I will discuss the requirements of an effective employee Web-use management program and the activities involved that will bring about safe and productive Internet use by the workforce.

The key ingredient in an effective program is collaboration and communication among the various groups in the company, i.e., senior management, Legal department, IT personnel, HR personnel, department managers and supervisors, and employees. Communication would include IT keeping company stakeholders informed about current hacker threats, as well as HR apprising senior management of pertinent employee Web-use behavior. Collaboration would occur among HR, IT, and department managers in training the workforce. Collaboration would also take place between IT and department heads to select the appropriate Web monitoring and filtering tool.

If you don’t have one already, another necessity of a Web-use management program is to develop a sound Acceptable Use Policy (AUP) consistent with corporate culture. The AUP should describe acceptable and unacceptable Web-use behavior, i.e., company rules for what constitutes desirable, acceptable, unacceptable, and abusive use of the Internet and other network resources. The policy should also clearly state how compliance will be monitored and what the consequences will be to employees abusing the use of network resources. Does your company have an AUP in place that spells out the rules to your employees?

To ensure adherence to the Web-use policy, it should be clearly communicated to the entire workforce, including management, informing them of what is and what is not acceptable in easily understood language. You may also want to have employees acknowledge that they read and understood the policy through a signed acknowledgement. HR and management personnel should hold meetings with workgroups to answer questions and provide any additional information. This fosters open communication in the workplace and allows employees to be more engaged in proper Internet usage.

In addition to communicating the policy to all concerned, another requirement of an effective Web-use management program is training employees on how to use Web access productively and safely. Whether training is conducted or coordinated by HR or in collaboration with managers and other department personnel, training sessions should cover Internet usage and related subjects. Specifically, employees need to be made aware of what sites they are visiting and what they are clicking on the Web. The purpose of training should be to encourage proper, productive, and safe use of network resources while reinforcing the information in the AUP.

An important requirement of a Web-use management program is to use a reliable software tool that is designed specifically to monitor compliance with Web-use policies and proactively control Web access. The tool should also include a smart reporting engine that distinguishes between user clicks (visits) and unsolicited traffic (hits) and easily presents accurate and up-to-date Web-use data, identifying desirable Web usage as well as unacceptable use and trends. Does your tool include a Smart Engine that analyzes Web traffic to better interpret human behavior? Does it generate easy-to-read, manager-ready reports? Does it give details on employee Web use with drill-down reporting capability? These are key features of a Web monitoring and filtering tool that will benefit IT, HR, and department managers.

Another activity that is necessary is following up with corrective actions when inappropriate Web access is detected. With a policy in place, personnel oriented, the workforce trained, and your Web monitoring and filtering solution actively monitoring and controlling Web use, there are still more activities to do. The tool will inevitably reveal patterns of inappropriate use or disclose signs of outright abuse. These incidents will require attention by HR and management personnel. After identifying the problems, management can take appropriate follow-up actions, such as counseling employees, training or retraining workers, changing work processes, and revising or clarifying the AUP. Managers may also need to institute follow-up audits on individual users and, in worst case, take disciplinary action including termination.

The final element of an effective employee Web-use management program that I will cover involves the establishment of a continuous improvement process by the collaboration team, i.e., HR, IT, department managers, etc. In this process, there would be frequent reviews of employee Web use, new Web services introduced into the network, and new security threats, modifications of work processes, and appropriate revisions of the AUP. All company stakeholders would be involved. What other activities have been effective in your company in managing employee Web use?

Unauthorized Web use can degrade workforce productivity, impact network performance, threaten network security, and create legal liabilities. Any of these outcomes can seriously impact your bottom line. An effective employee Web-use management program is essential to prevent this from happening. If the responsibilities of an effective program are carried out well, misuse and abuse of network resources will be minimized without damaging workforce engagement and morale. Getting accurate, actionable information to all collaborators is a must, and the tool that you are using should be able to provide this information. Next time I will discuss how to get this information with reliable metrics generated by a reporting tool.

Read more of my articles on Web-use management on LinkedIn and the Wavecrest blog: WaveNews.

World Cup 2018 starts next week… is your business ready?

June 7th, 2018

The US may have disappointed many by being knocked out of the World Cup 2018, but don’t think fans will want to miss watching the games anyway. No matter where you are geographically, the World Cup is an event that carries fans even when their team doesn’t make it all the way! Is your business prepared for your employees’ inevitable streaming and Web surfing?

Even four years ago, many may have watched the World Cup on cable or satellite TV versus streaming. In 2018 though, many, known as cord-cutters, have even chosen to remove cable services at home and just stream on their televisions–making streaming a new way of life! Since the games are based in Russia this year, the time difference will likely cause games to be during working hours not only in the US, but even in Europe. Which means, devoted fans, I mean employees, may end up streaming at work potentially slowing down or clogging your bandwidth.

There is also the neverending threat of phishing e-mails and malicious ads. They tend to increase exponentially around events like this. Now is the time to make sure you have tools in place to block intentional or accidental access to malicious URL links, and have some refresher training for your employees on what to look for, avoid, and report.

The World Cup doesn’t happen often. It might be time to just let them catch some highlights on company time. But that doesn’t mean you have to risk productivity, bandwidth speed, or network and data security. CyBlock allows you to choose how much or how little risk, and to even change your mind in the middle. Let them enjoy without sacrificing your organizational priorities.

CyBlock® Employee Web Filtering and Monitoring Solutions provide advanced Web filtering, threat protection, comprehensive employee reporting, Smart Engine analytics, easy-to-use admin and manager portals, and more. Customers can easily configure CyBlock to monitor and manage compliance with their usage policies. CyBlock is available in various deployment options: CyBlock Software, CyBlock Appliance, CyBlock Mini Appliance, CyBlock Cloud, and CyBlock Hybrid as well as a Virtual Appliance version.

About Wavecrest
Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit Wavecrest.

No more consolidation confusion . . . just leading employee Web-use management solutions that fit.

May 21st, 2018

Companies change, grow, restructure, merge, acquire, and get acquired. It’s business and we know how that can be. Those of us that have seen this happen from within know that true impacts to the general business structure and overall goals don’t really show up for a year or two. Rarely does an acquired or merged business stay the same. The impact though can be internal, within the employee structure or daily business operations, or there can be  more obvious external impact to the financial status of the business, such as going private, or to the customer base focus. The last being the most likely to cause a domino-style effect of disruption.

Now is the time to really consider how to handle the consolidation changes that have been announced by Forcepoint. With the Raytheon acquisition of Websense a few years ago, everyone knew changes would come eventually. Unfortunately, the recently announced business consolidation will tend to leave some traditional Web-use management customers out in the cold. Whether you were a Websense customer before Raytheon or have gone to Forcepoint looking for the Websense-style solution in the last few years, you know what you are looking for from a Web-use management solution. Give CyBlock and Cyfin a try. Depending on what you need for your unique business, the first and only decision you need to make is Wavecrest. With deployments to fit every business size, type, and need, Wavecrest will allow you the comfort of moving away from the large corporate hassles to a successful, mature, privately held vendor that proudly focuses on customer needs and technological advancements.

Leave the government contractor-level pricing, contractual terms, and confusion behind. Don’t become another ticket number. Let Wavecrest focus on your business and your specific requirements. Contact us and speak to a U.S.-based customer service or technical support person today. We consider it part of the job to keep our customers happy.

CyBlock® Employee Web Filtering and Monitoring Solutions provide advanced Web filtering, threat protection, comprehensive employee reporting, Smart Engine analytics, easy-to-use admin and manager portals, and more. Customers can easily configure CyBlock to monitor and manage compliance with their usage policies. CyBlock is available in various deployment options: CyBlock Software, CyBlock Appliance, CyBlock Mini Appliance, CyBlock Cloud, and CyBlock Hybrid as well as a Virtual Appliance version.

Cyfin® provides advanced employee Web-use analysis and reporting for a wide variety of gateway devices and log file formats. Comprehensive yet easy to use, its customized reporting capabilities supply audience-specific Web-use information with reliable metrics, easy-to-read reporting dashboards, manager-ready detailed audit reports, and Smart Engine analytics. Cyfin is available in various deployment options: Cyfin Software, Cyfin Forensic, and Cyfin VM.

About Wavecrest
Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit Wavecrest.

Collaboration with others and acquiring the right Web filtering and monitoring solution are critical in IT’s role in managing employee Web use

May 17th, 2018

When it comes to a company’s Internet-connected network, the IT department or person is responsible for not only providing the right access to the Internet to employees, but keeping the company’s network and data secure. In order to do this, IT must invest time in examining the most suitable Web filtering and monitoring solution for the organization and implement it. Besides deploying firewalls, network security equipment, and data loss prevention tools to keep hackers out, IT also needs to keep all company stakeholders informed about the latest tactics being used by hackers to trick employees and compromise security measures put in place. In this article, I will cover why collaboration and input from others as well as the need for research and implementation of the right security equipment are important in managing employee Web use effectively in the organization.

Today, the biggest security threats are not from firewall breaches, but from trusted internal employees who are getting tricked into doing the wrong things, compromising all the well-planned and expensive security measures put in place by IT. To ensure productive and safe Internet access by all employees, actual usage needs to be monitored and controlled. IT needs to implement a reliable Web security tool that can monitor and report on Web use as well as control access to specific Web sites. This type of tool would help identify threats and attacks in the company’s network and also deliver accurate results in Web activity reporting. It would provide data that is easy to consume by all audiences in the company including department managers and HR personnel.

Another important IT task in managing employee Web use is granting the proper authorization to users and groups in the company. In so doing, IT can restrict access to Web sites based on need, to only sites that allow the employee to perform his/her job, or to only data associated with managers’ authorized users. With the right tool implemented, IT can also send easy-to-read reports directly to managers by manual distribution via e-mail or automatic distribution via scheduling. To make their job even easier, if the Web security tool includes a reporting-only access portal, IT, by only controlling portal access privileges, can grant self-service access to managers and HR, allowing them to run their own reports on their authorized groups without needing assistance.

As part of their role in employee Web-use management, IT must collaborate with all company stakeholders, i.e., senior managers, Legal, HR, and department managers. When IT is looking for an appropriate tool for these collaborators to use, it is important that the tool includes a Smart Engine that analyzes Web-use data in order to better interpret human behavior. The generated information can then be easily consumed by all including nontechnical personnel. IT would not need to massage or manipulate the data or be burdened by having to answer a lot of questions. The generated information would be best presented in easy-to-read, manager-ready, drill-down reports that give more detail on employees’ Web traffic. As part of this collaboration, IT should share pertinent information with HR and management when the Web filtering and monitoring product reveals patterns of inappropriate use. In this way, HR and management can determine the appropriate action to be taken.

Cyber attacks are growing in prominence every day targeting small and large businesses. On average, more than 4,000 ransomware attacks have occurred daily since 2016. 1 in 131 e-mails contains malware. As the number of malware types and variants continues to grow and evolve to bypass your antivirus program and other levels of protection, it is necessary for your IT team to keep well-informed of the latest hacker exploits and attacks, and put in place a secure Web filtering and monitoring solution to detect and block malware and other online threats.

An IT administrator that is on top of how network criminals operate and their latest techniques needs to communicate with HR to adequately protect the network from intrusion. Prompt communication of hackers’ latest tactics that focus on exploiting employees will help HR formulate a proper training and informational program on how to identify and avoid these types of exploits. IT can help HR flush out what they need to be training employees on, i.e., what to do and what not to do on the Internet. This type of training will hopefully help reduce the likelihood that an employee will open a suspicious e-mail or click unsolicited attachments in an e-mail if opened, and help to better ideed or unknown sites. Are your employees being provided with this training

IT plays a fundamental role in the proper management of employee Web use. Every year, hackers come up with new ways to trick users into giving up sensitive data, revealing credentials to their accounts, or clicking links to malicious Web sites. It is imperative that IT take the time to thoroughly research and implement the right Web filtering and monitoring tool to protect employees and the company’s network. It is also critical that this tool includes a Smart Engine to analyze the technical data and provide the necessary information on human activity. IT also needs to communicate the latest hacker tricks and traps to all stakeholders in the company, including HR and management, so that the workforce can be properly trained. Collaboration, communication, and training are essential to an effective employee Web-use management program. In the next articles, we will delve into the requirements of an effective employee Web-use management program, the importance of creating a well-designed Acceptable Use Policy, and other topics related to employee Web-use management.

Please let me know your thoughts on and reactions to this article and my questions by adding a comment. What challenges does your IT department or person face in managing employee Internet use effectively? Is IT communicating security vulnerabilities and exploits to your HR personnel, managers, and other company stakeholders?

Follow me on LinkedIn or read more articles on Web-use management on the Wavecrest blog: WaveNews.

HR is best suited to bring all company stakeholders together to ensure safe and productive Internet access

April 9th, 2018

employee Web-use management

My discussion here is about the suitability of HR being the hub for employee Web-use management where all company stakeholders are brought together to ensure safe and productive Internet use by all employees. For one, HR’s expertise typically includes personnel policy, codes of conduct, labor relations, workforce training, legal compliance issues, and workforce morale, all of which relate to the employee Web-use management issue. Because of their expertise in policy, training, and processes, HR is in the best position to coordinate the tasks of proposing and developing solutions to ensure that employee Web use is properly managed. After all, Web-use management is not just an IT issue. It is all about employee behavior, productivity, and morale. What Internet-use people issues are you seeing in your company? How are you solving them?

Communication is key in HR’s collaboration with managers, IT, and employees in the company. Starting at the top of the company, HR can educate senior managers on the importance of employee Web-use management, get their input, and keep them involved. By collaborating with IT whose access to highly accurate Web-use reporting and filtering tools can produce easy-to-consume Web activity data, HR can keep upper management apprised of pertinent employee Web behavior. This allows HR to contribute to the organization’s profitability and help keep the company out of severe legal difficulty–important business objectives for senior managers.

As the focal point in the employee Web-use management effort, HR can also schedule Web-use training programs for managers and employees, coordinating with Legal, IT, or department managers who observe a need or have the specific knowledge to train the workforce. Training could include instruction on the proper use of network resources, how to recognize a phishing e-mail message, how to detect malware symptoms, how to recognize and report other online threats, and other Web-use topics. Essentially, training would teach employees how to use Web access productively and safely. In this way, all areas of the company play an important role in proper network resources and policy training that would have a significant impact on corporate Web security. Are these types of training programs taking place in your company?

 

Another HR task would be to communicate the company’s Acceptable Use Policy (AUP) to the workforce by providing it in writing or electronically, requiring a signature to indicate acceptance of the policy. If you do not have a policy, HR, in collaboration with IT, Legal, and senior managers, would be well-suited to establish a sound AUP consistent with your company’s culture. Once the policy is created, HR can work with functional managers and IT to ensure optimum implementation of the policy. As Web activity is analyzed over time, HR can revise the policy as necessary. Managers and HR would work together to ensure employees are complying with the Web-use policy. Along with managers, HR would be involved in specific cases of policy noncompliance.

In communicating the policy to the workforce, HR would focus on promoting the interest of the company as a whole, while helping to maintain or improve employee morale. Managing employees’ use of Web-access resources is a sensitive and complex task, one that involves communicating with all groups–senior managers, managers, IT, and employees–and deals with policy, training, and continuous improvement processes. With HR as the hub, the continuous improvement process would involve the frequent review of employee Web use, new Web services introduced into the network, and new security threats, as well as modification of work processes and appropriate revision of the AUP.

All areas of the company can help manage employee Web use effectively. In the next articles, we will examine more closely IT’s role in employee Web-use management, the requirements of an effective Web-use management program, developing a sound AUP consistent with corporate culture, and other topics related to the human factor of data security.

Please let me know your thoughts on and reactions to this article and my questions by adding a comment. If HR is leading the Web-use management efforts in your business, in what other ways are they collaborating with others in the company?

Follow me on LinkedIn or read more articles on Web-use management on the Wavecrest blog: WaveNews.

Managing employee Web use is a collaborative effort involving managers, HR, IT, and employees.

March 22nd, 2018

 

There is no doubt that the Internet is an integral tool in today’s corporate world. It is central to business processes with more and more employees utilizing this important corporate resource daily. Most likely, your workplace has seen a significant increase in Internet use or Web use, contributing to the agility, efficiency, innovativeness, and success of the business. However, many issues can arise with employee Web use if it is not properly managed. I strongly believe that employee Web use involves human behavior in the workplace, and the proper management of it is a collaborative effort involving managers, HR, IT, and employees. In this article, I will discuss the issues affecting companies today concerning employee Web use, and with each article thereafter, we will delve a little deeper into the solutions.

The first issue is that with employees spending a large portion of the workday on the Internet, for both personal and work-related purposes, businesses have reason to be concerned about the security of their corporate network. Employees can be subject to phishing scams, end up on malicious Web sites, and unknowingly download infected files, jeopardizing the security of their system and the company’s network. Are your employees security aware? Do they know how to recognize online threats and how to report them?

Another issue is that with the tremendous increase in surfing the Web at work–between one and three hours a day on personal business–employees can waste considerable work time. Wasted time represents a reduction in workforce productivity and efficiency and consequently, unnecessary cost. Additionally, employees can waste time on legitimate but unproductive Web site visits. This waste can stem from flawed business strategy, poorly designed processes, or misguided supervisory direction. Do your managers have the accurate information they need on their employees’ Web activity?

Employers also have concerns about where their employees are going on the Internet. Unfortunately, one of the most serious forms of Web-access abuse involves the downloading and displaying of pornography. This is a huge issue from the standpoint of workplace liability, where the legal liability primarily takes the form of a sexual harassment lawsuit filed by an employee who has inadvertently or deliberately been exposed to pornographic images downloaded by another employee.

If you are allowing your employees to access the Internet, you must have an Acceptable Use Policy (AUP) that spells out what type of Web activity is acceptable, what type is not acceptable, and the consequences of engaging in the latter. The AUP should reflect the corporate culture. If you don’t have one, who should create this policy and ensure that employees adhere to it? If you do have a policy in place, do your employees know the policy and how to use Internet access properly?

For all of these people-oriented Web-use issues, clearly HR personnel are the professionals best equipped to take the lead in developing and implementing employee Web-use management efforts, collaborating as required with IT, and along with managers, training employees on the use of network resources. IT can deploy firewalls and network security equipment, but is not equipped or trained to deal with the larger issue of keeping your trusted workforce from compromising the security measures in place.

Managing your employees’ use of the Web is all about employee behavior, productivity, and morale, and the resolution of the above issues involves matters of policy, training, and compliance. In the next articles, we will explore HR’s role in the collaboration effort, IT’s role, the requirements of an effective Web-use management program, and other topics related to keeping your employees and network safe.

Please let me know your thoughts on and reactions to this article and my questions by adding a comment. Who is leading the people-oriented Web-use management efforts in your business? Is it a collaborative effort with multiple departments or just an IT-focused task?

Madness of March 2018…snow, cold, and of course, basketball!

March 21st, 2018

March Madness has begun and it is an exciting year already for basketball lovers. Knowing some of the games have been “nail-biters” this year, employees are definitely checking out highlights or even streaming a whole game on your network. WalletHub says, “unproductive workers during March Madness amounted to an estimated $6.3 billion in corporate losses.”

This year, have the choice to allow your employees some freedom to watch and enjoy! CyBlock Filtering and Monitoring Suite will help monitor and protect your business, blocking sites known for malware, proactively controlling bandwidth consumption, and keeping productivity flowing, while allowing responsible viewing.

With Wavecrest’s Bandwidth Management in CyBlock, there are numerous ways to be able to control access when you need to. With Real-Time Data Usage Monitoring, you will be able to easily view current data usage for the entire enterprise, detect unexpected spikes that could indicate excessive data use, or just observe the last 5, 10, or 15 minutes of real-time updates.

You can also make sure the critical business operations remain functioning efficiently, even during the games, by using the Bandwidth Throttling features. Be more restrictive as the noncritical usage gets higher by setting one of the automatically triggered, higher-usage policy thresholds to throttle more or even block. E-mail alerts will keep you informed wherever you are. Once a policy is activated, policy-specific traffic is throttled or blocked, allowing business-critical applications (VoIP, CRM, etc.) to continue operating as needed.  

Betting on the games has become increasingly popular. “According to the Gaming Association, 10 percent of adults — or roughly 24 million — reported spending nearly $3 billion in the past year on basketball pools alone,” notes cbssports.com. A more impactful example might be from WalletHub, “2x more is wagered on March Madness than the Super Bowl.” Be aware of what your employees are doing online, gambling sites are not just a legal issue but also tend to carry many security risks.

Security risks are numerous this time of year. March Madness search results have had a history of being known for malware in past years, and this year will likely be no different. As your employees search for brackets or results, CyBlock blocks traffic to the constantly growing number of sites that generate and/or promote malware. Keep out viruses, Trojan horses, phishing attacks, and more.

March Madness has become a way of life. Decide how your company will handle the traffic and proactively manage it by letting CyBlock help protect and secure your business and your employees. Find out more about all the Web management product lines at Wavecrest Computing.

About Wavecrest

Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit Wavecrest.

Employee Internet activity–get the right information to the right people in the right format.

March 20th, 2018

We always think of a business’ audience as outside of the business, as in a sales or technical support relationship with a prospect or customer. But we all have an audience within the business that needs to be serviced, provided assistance, and kept happy. From an IT standpoint, these internal customers can be HR, operations, financial, legal, C-Suite, and more . . . literally everyone within the company. This is why it is important that IT be provided and supported with comprehensive, easy-to-manage tools that proactively help supply internal customers with the relevant, detailed, easy-to-consume information they need. Their focus should be on how to efficiently get the right information to the right people in the right format–especially when it is critical information like Internet usage.

Internet usage is a leading concern for companies due to risks from employee misuse, unsanctioned cloud applications, phishing e-mails, and more. Pepper Hamilton LLP, Attorneys at Law note, “Companies often are surprised to learn that their biggest security threats come from their own employees. These risks range from the use of weak passwords to clicking on corrupt internet links to theft of sensitive data.” IT needs to not only maintain the system to keep the business’ digital environment running and secure but they also need to supply critical employee Web-use information to others within their organization. These internal customers are not prepared to dig through and interpret large amounts of technical data. They require the information be easily supplied to them for when, where, and how they need to use it. So what does “the right information to the right people in the right format” really mean?

What is the right information?

When it comes to Web-use risks, the human factor, that is, the employee, must be the focus. Without knowing the human behavior in the organization it is impossible to define what is normal and flag anomalies that may indicate unintentional mistakes or malicious acts, identify workforce productivity changes, or determine whether an employee is in compliance with corporate policy, and more. If there is reporting on Web traffic in the organization, it may still be inadequate in showing the relevant human behavior in the workplace. It is important to reduce the “noise” that happens in data when supplying information to the internal customers. The right information means clear, pertinent, easy-to-consume information for, more than likely, a nontechnical audience.

Who are the right people?

It would likely be easier to just say everyone. Most employees use some form of the Internet for work functions. If they don’t, they still likely have access to the Internet through company Wi-Fi or during their break. Even then, the business is responsible for the Web use occurring on their network at any time. Knowing this, it is understandable that many people in your organization want easy access to employees’ Web activity information. Managers may want to address productivity issues, HR personnel may want to investigate a Web-use liability issue, and IT staff themselves will want to watch network performance and security. Getting the relevant information to a specific audience in the company is important and increases overall efficiency and productivity. The right people means that the information supplied to that user is specific to their responsibility. Extraneous information not only makes the recipient’s process of deciphering the data more difficult and time-consuming, but it is also a data security issue by sharing unrelated company data with others, even within the company.

Which is the right format?

When you view something and it just has so much information or is just difficult to read, do you actually retain or even understand the information? With mission-critical operations looming, IT no longer has time to spend on walking a recipient through report information. Requested Web-use information should be in an easy-to-read and actionable format. Having reporting dashboards can provide important benefits especially when they can be customized to offer different types of analyses for different users and therefore serve different purposes. Customizable charts and interactive, drill-down reporting features with specifically relevant information increases understanding and ends up supporting clear business decision-making. So, the right format is about allowing for flexibility for each recipient to view information in a number of different formats.

So then . . . what is needed to get the right information to the right people in the right format and how can Wavecrest help?

Smart Engine analytics! Without the Smart Engine and its analytics, the reporting components could not provide the adequate information that your company needs to manage employee Web use. The Smart Engine makes technical data usable and manager-ready. Smart Engine analytics provide pertinent, detailed analysis, permitting the review or investigation of trends, policy violation, Internet misuse, security issues, and ultimately, human behavior occurring in the workplace.

With its precise, industry-leading algorithms, the Wavecrest Smart Engine is used by charts and reports to present accurate and up-to-date Web-use data. It performs functions such as determining visits and time online from Web traffic, and categorizing URLs into logical groups based on content. The Smart Engine is the key to providing understandable, easy-to-consume, manager-ready information–more precisely, the right information for right people in the right format.

Time is precious, especially in business. Getting the right information to the right people in the right format should be easy–especially when it is critical information like Internet usage. Let us help.

About Wavecrest

Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit Wavecrest.

Show cyber threats who is boss in 2018.

January 24th, 2018

Last year went by so fast. In between everyone’s normal busy schedule, most of us had to deal with natural disasters of some kind. For us at Wavecrest, it was Hurricane Irma as well as an above average rainy season. For others, it was Harvey and Maria, as well as fires, flooding,  earthquakes, remnants of storms causing wind damage–the list last year seems to be endless.

2017 also brought on some notable cyber events with the Equifax breach as one of the top incidents. 2017 was definitely a year for the books. You may have also noticed a shift in the business digital threat protection messaging. We at Wavecrest noticed . . . because it shifted to what we have always focused on. People.

People are a big part of the cyber threats that take place in businesses. No matter how automated things are, there is always the aspect of human interaction–human vulnerability. Humans inherently have vulnerabilities. It’s not a fault of one individual over another; it’s not about how good your employees are. There is a point where a business owner, manager, or decision-maker has to come to terms with managing Web use for the sake of the business over “my employees wouldn’t do that” or “I trust everyone working for me.” It may be true that you have the most trustworthy employees, but mistakes happen . . . even to the best of us. Cyber criminals focus on the easiest route first to gain access to your systems. Many times this is the employee, or human, vulnerability.

So . . . the new year is here. What can be done to improve managing employee Web use? The key is to make sure you pay attention to the human endpoint because it is not always about a failure in the actual technology. The firewall is great but if you have a weakness with an authorized user, the hacker will get past the firewall. Defend the human endpoint.

Consider these as a starting point and build on each or all!

  • MONITOR YOUR EMPLOYEES’ WEB USE! Sorry. It had to be said. If you do not know what is happening, you will not be able to know why, when, or where it happened. And you will not be able to make an informed decision on how to stop it from happening again. Remember that many times the human error that allowed for a breach may have been habitual or reactive so the employee’s memory of how it happened may not be very clear. Make sure to have visibility into the actual Web activity.
  • Analytics. Really another part of monitoring but noted separately due its importance and the flexibility of what you should be able to view and analyze. Find a Web activity solution that allows you to see relevant, drill-down data when you need it. Trends, customizable charts, by user or group, and real-time information on activity and bandwidth use are all things you should be able to analyze easily. All will allow you to expose abnormalities in user activity, identify potential insider threat behavior, flag possible legal liability issues, assess trends for data breach exposure, and observe patterns for lost productivity.
    • Hits versus Visits. This one deserves a sub-bullet. Make sure the Web-use management solution you choose has clearly defined Hits vs. Visits. Hits consist of unsolicited traffic, such as ads, and are not a reliable tracking metric on its own. Visits give you uncluttered, relevant Web activity detail based on user clicks and are a critical component to understanding human behavior. The last thing you want to do is try and sift through a bunch of data that is not even really relevant to the employee’s actual Web activity.

  • Filter. Yup . . . another suggestion that has the “but my employees are awesome” stigma to it. BUT let me just remind you that this is something that will provide another layer of security from phishing, malicious Web links, and data loss. I got your synapses firing now, don’t I! Filtering allows you to block or restrict URL link clicks that an employee may not be aware are malicious. Hackers have become increasingly precise in how things look. Very convincing e-mails and Web links are not rare anymore; they are commonplace. It is not really all about making sure your employee isn’t streaming YouTube all day. Although that should be managed as well, it should all be under your control. Allow it, don’t allow it, throttle it, or open it all up. The solution you choose should allow you to do it all, in your own customizable way.

The point is that the human endpoint is still a leading way threats get into your network. It may be through phishing, a malicious ad, or use of a unsanctioned cloud application, or it may even be a human error such as the delay of updating software. Whatever the issue, you have to be as proactive as possible to protect your network. Educate your employees continuously, have a comprehensive Web activity solution in place, make sure your Acceptable Use Policy is current, make sure patch management is an active process, and hug your IT people regularly because they are usually some of the busiest and stressed people in your organization.

Here is to showing the cyber criminals who is boss in 2018! Happy New Year!

About Wavecrest

Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

Take the mystery out of employee Web use and gain pertinent insight into your business.

January 17th, 2018

 

We are all seeing how business operations are continuously becoming more digitally driven. Many operations that were done on a desktop are now cloud- or app-driven. The connection to the Internet is a constant, and since your employees need that access to be productive, managing that connection should be a priority. Small businesses are finding that this access not only centralizes their operations and data but also can save them money. But they are finding that the amount of data being produced makes it impossible to find the relevant information needed. Looking at the employee-Internet relationship should be on the top of your checklist.

There are things that a Web-use management solution should provide, such as allowing a business to easily filter and control access, use white and black lists, and set time limits. But one of the biggest benefits that many times can be overlooked is the ability to access easy-to-use smart analytics and reporting tools. A filtering solution is great, but if it lacks a way to collect and correlate useful, pertinent data, then all that it is doing is restricting employees, causing frustration and potentially reducing productivity. With detailed reporting and analytics, managers can open up the usefulness of the Internet while knowing they still have the control to keep the business running smoothly and safely.

Look for the Web-use management solution that provides:

  • Drill-Down, Interactive, Forensic-Level Detail – A complete view of every link a user clicks, the exact search terms entered by a user, their search time, and more.
  • Ad Hoc and Scheduled Reporting – The information you need . . .  right when you need it.
  • Smart Reporting – Intelligent, timely, and cogent reporting on all aspects of employee Web usage.
  • Hits Versus Visits – Clear, uncluttered detail based on user clicks versus unsolicited traffic.
  • Manager Access – IT-controlled access for managers and HR allowing them reporting access without the need for IT assistance.

Analytics and reporting tools allow you to take the large amount of Web-use data your employees are producing and make sense of it. This data should tell you who, where, and when about the Web usage. Allowing you to see anomalies, activity peaks, bandwidth usage, and more, this visibility helps you plan and secure your network, data, and employees.

Don’t feel like you’re in need of tarot cards or tea leaves to know what is happening within your business.

About CyBlock

CyBlock Web-Use Management Suite makes more sense of all your Web-use data with CyBlock’s comprehensive monitoring and reporting features. CyBlock is available in Cloud, Software, Appliance, Mini Appliance, and VM deployments to fit any business size or industry.

About Wavecrest

Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.