Collaboration with others and acquiring the right Web filtering and monitoring solution are critical in IT’s role in managing employee Web use

May 17th, 2018

When it comes to a company’s Internet-connected network, the IT department or person is responsible for not only providing the right access to the Internet to employees, but keeping the company’s network and data secure. In order to do this, IT must invest time in examining the most suitable Web filtering and monitoring solution for the organization and implement it. Besides deploying firewalls, network security equipment, and data loss prevention tools to keep hackers out, IT also needs to keep all company stakeholders informed about the latest tactics being used by hackers to trick employees and compromise security measures put in place. In this article, I will cover why collaboration and input from others as well as the need for research and implementation of the right security equipment are important in managing employee Web use effectively in the organization.

Today, the biggest security threats are not from firewall breaches, but from trusted internal employees who are getting tricked into doing the wrong things, compromising all the well-planned and expensive security measures put in place by IT. To ensure productive and safe Internet access by all employees, actual usage needs to be monitored and controlled. IT needs to implement a reliable Web security tool that can monitor and report on Web use as well as control access to specific Web sites. This type of tool would help identify threats and attacks in the company’s network and also deliver accurate results in Web activity reporting. It would provide data that is easy to consume by all audiences in the company including department managers and HR personnel.

Another important IT task in managing employee Web use is granting the proper authorization to users and groups in the company. In so doing, IT can restrict access to Web sites based on need, to only sites that allow the employee to perform his/her job, or to only data associated with managers’ authorized users. With the right tool implemented, IT can also send easy-to-read reports directly to managers by manual distribution via e-mail or automatic distribution via scheduling. To make their job even easier, if the Web security tool includes a reporting-only access portal, IT, by only controlling portal access privileges, can grant self-service access to managers and HR, allowing them to run their own reports on their authorized groups without needing assistance.

As part of their role in employee Web-use management, IT must collaborate with all company stakeholders, i.e., senior managers, Legal, HR, and department managers. When IT is looking for an appropriate tool for these collaborators to use, it is important that the tool includes a Smart Engine that analyzes Web-use data in order to better interpret human behavior. The generated information can then be easily consumed by all including nontechnical personnel. IT would not need to massage or manipulate the data or be burdened by having to answer a lot of questions. The generated information would be best presented in easy-to-read, manager-ready, drill-down reports that give more detail on employees’ Web traffic. As part of this collaboration, IT should share pertinent information with HR and management when the Web filtering and monitoring product reveals patterns of inappropriate use. In this way, HR and management can determine the appropriate action to be taken.

Cyber attacks are growing in prominence every day targeting small and large businesses. On average, more than 4,000 ransomware attacks have occurred daily since 2016. 1 in 131 e-mails contains malware. As the number of malware types and variants continues to grow and evolve to bypass your antivirus program and other levels of protection, it is necessary for your IT team to keep well-informed of the latest hacker exploits and attacks, and put in place a secure Web filtering and monitoring solution to detect and block malware and other online threats.

An IT administrator that is on top of how network criminals operate and their latest techniques needs to communicate with HR to adequately protect the network from intrusion. Prompt communication of hackers’ latest tactics that focus on exploiting employees will help HR formulate a proper training and informational program on how to identify and avoid these types of exploits. IT can help HR flush out what they need to be training employees on, i.e., what to do and what not to do on the Internet. This type of training will hopefully help reduce the likelihood that an employee will open a suspicious e-mail or click unsolicited attachments in an e-mail if opened, and help to better ideed or unknown sites. Are your employees being provided with this training

IT plays a fundamental role in the proper management of employee Web use. Every year, hackers come up with new ways to trick users into giving up sensitive data, revealing credentials to their accounts, or clicking links to malicious Web sites. It is imperative that IT take the time to thoroughly research and implement the right Web filtering and monitoring tool to protect employees and the company’s network. It is also critical that this tool includes a Smart Engine to analyze the technical data and provide the necessary information on human activity. IT also needs to communicate the latest hacker tricks and traps to all stakeholders in the company, including HR and management, so that the workforce can be properly trained. Collaboration, communication, and training are essential to an effective employee Web-use management program. In the next articles, we will delve into the requirements of an effective employee Web-use management program, the importance of creating a well-designed Acceptable Use Policy, and other topics related to employee Web-use management.

Please let me know your thoughts on and reactions to this article and my questions by adding a comment. What challenges does your IT department or person face in managing employee Internet use effectively? Is IT communicating security vulnerabilities and exploits to your HR personnel, managers, and other company stakeholders?

Follow me on LinkedIn or read more articles on Web-use management on the Wavecrest blog: WaveNews.

HR is best suited to bring all company stakeholders together to ensure safe and productive Internet access

April 9th, 2018

employee Web-use management

My discussion here is about the suitability of HR being the hub for employee Web-use management where all company stakeholders are brought together to ensure safe and productive Internet use by all employees. For one, HR’s expertise typically includes personnel policy, codes of conduct, labor relations, workforce training, legal compliance issues, and workforce morale, all of which relate to the employee Web-use management issue. Because of their expertise in policy, training, and processes, HR is in the best position to coordinate the tasks of proposing and developing solutions to ensure that employee Web use is properly managed. After all, Web-use management is not just an IT issue. It is all about employee behavior, productivity, and morale. What Internet-use people issues are you seeing in your company? How are you solving them?

Communication is key in HR’s collaboration with managers, IT, and employees in the company. Starting at the top of the company, HR can educate senior managers on the importance of employee Web-use management, get their input, and keep them involved. By collaborating with IT whose access to highly accurate Web-use reporting and filtering tools can produce easy-to-consume Web activity data, HR can keep upper management apprised of pertinent employee Web behavior. This allows HR to contribute to the organization’s profitability and help keep the company out of severe legal difficulty–important business objectives for senior managers.

As the focal point in the employee Web-use management effort, HR can also schedule Web-use training programs for managers and employees, coordinating with Legal, IT, or department managers who observe a need or have the specific knowledge to train the workforce. Training could include instruction on the proper use of network resources, how to recognize a phishing e-mail message, how to detect malware symptoms, how to recognize and report other online threats, and other Web-use topics. Essentially, training would teach employees how to use Web access productively and safely. In this way, all areas of the company play an important role in proper network resources and policy training that would have a significant impact on corporate Web security. Are these types of training programs taking place in your company?

 

Another HR task would be to communicate the company’s Acceptable Use Policy (AUP) to the workforce by providing it in writing or electronically, requiring a signature to indicate acceptance of the policy. If you do not have a policy, HR, in collaboration with IT, Legal, and senior managers, would be well-suited to establish a sound AUP consistent with your company’s culture. Once the policy is created, HR can work with functional managers and IT to ensure optimum implementation of the policy. As Web activity is analyzed over time, HR can revise the policy as necessary. Managers and HR would work together to ensure employees are complying with the Web-use policy. Along with managers, HR would be involved in specific cases of policy noncompliance.

In communicating the policy to the workforce, HR would focus on promoting the interest of the company as a whole, while helping to maintain or improve employee morale. Managing employees’ use of Web-access resources is a sensitive and complex task, one that involves communicating with all groups–senior managers, managers, IT, and employees–and deals with policy, training, and continuous improvement processes. With HR as the hub, the continuous improvement process would involve the frequent review of employee Web use, new Web services introduced into the network, and new security threats, as well as modification of work processes and appropriate revision of the AUP.

All areas of the company can help manage employee Web use effectively. In the next articles, we will examine more closely IT’s role in employee Web-use management, the requirements of an effective Web-use management program, developing a sound AUP consistent with corporate culture, and other topics related to the human factor of data security.

Please let me know your thoughts on and reactions to this article and my questions by adding a comment. If HR is leading the Web-use management efforts in your business, in what other ways are they collaborating with others in the company?

Follow me on LinkedIn or read more articles on Web-use management on the Wavecrest blog: WaveNews.

Managing employee Web use is a collaborative effort involving managers, HR, IT, and employees.

March 22nd, 2018

 

There is no doubt that the Internet is an integral tool in today’s corporate world. It is central to business processes with more and more employees utilizing this important corporate resource daily. Most likely, your workplace has seen a significant increase in Internet use or Web use, contributing to the agility, efficiency, innovativeness, and success of the business. However, many issues can arise with employee Web use if it is not properly managed. I strongly believe that employee Web use involves human behavior in the workplace, and the proper management of it is a collaborative effort involving managers, HR, IT, and employees. In this article, I will discuss the issues affecting companies today concerning employee Web use, and with each article thereafter, we will delve a little deeper into the solutions.

The first issue is that with employees spending a large portion of the workday on the Internet, for both personal and work-related purposes, businesses have reason to be concerned about the security of their corporate network. Employees can be subject to phishing scams, end up on malicious Web sites, and unknowingly download infected files, jeopardizing the security of their system and the company’s network. Are your employees security aware? Do they know how to recognize online threats and how to report them?

Another issue is that with the tremendous increase in surfing the Web at work–between one and three hours a day on personal business–employees can waste considerable work time. Wasted time represents a reduction in workforce productivity and efficiency and consequently, unnecessary cost. Additionally, employees can waste time on legitimate but unproductive Web site visits. This waste can stem from flawed business strategy, poorly designed processes, or misguided supervisory direction. Do your managers have the accurate information they need on their employees’ Web activity?

Employers also have concerns about where their employees are going on the Internet. Unfortunately, one of the most serious forms of Web-access abuse involves the downloading and displaying of pornography. This is a huge issue from the standpoint of workplace liability, where the legal liability primarily takes the form of a sexual harassment lawsuit filed by an employee who has inadvertently or deliberately been exposed to pornographic images downloaded by another employee.

If you are allowing your employees to access the Internet, you must have an Acceptable Use Policy (AUP) that spells out what type of Web activity is acceptable, what type is not acceptable, and the consequences of engaging in the latter. The AUP should reflect the corporate culture. If you don’t have one, who should create this policy and ensure that employees adhere to it? If you do have a policy in place, do your employees know the policy and how to use Internet access properly?

For all of these people-oriented Web-use issues, clearly HR personnel are the professionals best equipped to take the lead in developing and implementing employee Web-use management efforts, collaborating as required with IT, and along with managers, training employees on the use of network resources. IT can deploy firewalls and network security equipment, but is not equipped or trained to deal with the larger issue of keeping your trusted workforce from compromising the security measures in place.

Managing your employees’ use of the Web is all about employee behavior, productivity, and morale, and the resolution of the above issues involves matters of policy, training, and compliance. In the next articles, we will explore HR’s role in the collaboration effort, IT’s role, the requirements of an effective Web-use management program, and other topics related to keeping your employees and network safe.

Please let me know your thoughts on and reactions to this article and my questions by adding a comment. Who is leading the people-oriented Web-use management efforts in your business? Is it a collaborative effort with multiple departments or just an IT-focused task?

Madness of March 2018…snow, cold, and of course, basketball!

March 21st, 2018

March Madness has begun and it is an exciting year already for basketball lovers. Knowing some of the games have been “nail-biters” this year, employees are definitely checking out highlights or even streaming a whole game on your network. WalletHub says, “unproductive workers during March Madness amounted to an estimated $6.3 billion in corporate losses.”

This year, have the choice to allow your employees some freedom to watch and enjoy! CyBlock Filtering and Monitoring Suite will help monitor and protect your business, blocking sites known for malware, proactively controlling bandwidth consumption, and keeping productivity flowing, while allowing responsible viewing.

With Wavecrest’s Bandwidth Management in CyBlock, there are numerous ways to be able to control access when you need to. With Real-Time Data Usage Monitoring, you will be able to easily view current data usage for the entire enterprise, detect unexpected spikes that could indicate excessive data use, or just observe the last 5, 10, or 15 minutes of real-time updates.

You can also make sure the critical business operations remain functioning efficiently, even during the games, by using the Bandwidth Throttling features. Be more restrictive as the noncritical usage gets higher by setting one of the automatically triggered, higher-usage policy thresholds to throttle more or even block. E-mail alerts will keep you informed wherever you are. Once a policy is activated, policy-specific traffic is throttled or blocked, allowing business-critical applications (VoIP, CRM, etc.) to continue operating as needed.  

Betting on the games has become increasingly popular. “According to the Gaming Association, 10 percent of adults — or roughly 24 million — reported spending nearly $3 billion in the past year on basketball pools alone,” notes cbssports.com. A more impactful example might be from WalletHub, “2x more is wagered on March Madness than the Super Bowl.” Be aware of what your employees are doing online, gambling sites are not just a legal issue but also tend to carry many security risks.

Security risks are numerous this time of year. March Madness search results have had a history of being known for malware in past years, and this year will likely be no different. As your employees search for brackets or results, CyBlock blocks traffic to the constantly growing number of sites that generate and/or promote malware. Keep out viruses, Trojan horses, phishing attacks, and more.

March Madness has become a way of life. Decide how your company will handle the traffic and proactively manage it by letting CyBlock help protect and secure your business and your employees. Find out more about all the Web management product lines at Wavecrest Computing.

About Wavecrest

Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit Wavecrest.

Employee Internet activity–get the right information to the right people in the right format.

March 20th, 2018

We always think of a business’ audience as outside of the business, as in a sales or technical support relationship with a prospect or customer. But we all have an audience within the business that needs to be serviced, provided assistance, and kept happy. From an IT standpoint, these internal customers can be HR, operations, financial, legal, C-Suite, and more . . . literally everyone within the company. This is why it is important that IT be provided and supported with comprehensive, easy-to-manage tools that proactively help supply internal customers with the relevant, detailed, easy-to-consume information they need. Their focus should be on how to efficiently get the right information to the right people in the right format–especially when it is critical information like Internet usage.

Internet usage is a leading concern for companies due to risks from employee misuse, unsanctioned cloud applications, phishing e-mails, and more. Pepper Hamilton LLP, Attorneys at Law note, “Companies often are surprised to learn that their biggest security threats come from their own employees. These risks range from the use of weak passwords to clicking on corrupt internet links to theft of sensitive data.” IT needs to not only maintain the system to keep the business’ digital environment running and secure but they also need to supply critical employee Web-use information to others within their organization. These internal customers are not prepared to dig through and interpret large amounts of technical data. They require the information be easily supplied to them for when, where, and how they need to use it. So what does “the right information to the right people in the right format” really mean?

What is the right information?

When it comes to Web-use risks, the human factor, that is, the employee, must be the focus. Without knowing the human behavior in the organization it is impossible to define what is normal and flag anomalies that may indicate unintentional mistakes or malicious acts, identify workforce productivity changes, or determine whether an employee is in compliance with corporate policy, and more. If there is reporting on Web traffic in the organization, it may still be inadequate in showing the relevant human behavior in the workplace. It is important to reduce the “noise” that happens in data when supplying information to the internal customers. The right information means clear, pertinent, easy-to-consume information for, more than likely, a nontechnical audience.

Who are the right people?

It would likely be easier to just say everyone. Most employees use some form of the Internet for work functions. If they don’t, they still likely have access to the Internet through company Wi-Fi or during their break. Even then, the business is responsible for the Web use occurring on their network at any time. Knowing this, it is understandable that many people in your organization want easy access to employees’ Web activity information. Managers may want to address productivity issues, HR personnel may want to investigate a Web-use liability issue, and IT staff themselves will want to watch network performance and security. Getting the relevant information to a specific audience in the company is important and increases overall efficiency and productivity. The right people means that the information supplied to that user is specific to their responsibility. Extraneous information not only makes the recipient’s process of deciphering the data more difficult and time-consuming, but it is also a data security issue by sharing unrelated company data with others, even within the company.

Which is the right format?

When you view something and it just has so much information or is just difficult to read, do you actually retain or even understand the information? With mission-critical operations looming, IT no longer has time to spend on walking a recipient through report information. Requested Web-use information should be in an easy-to-read and actionable format. Having reporting dashboards can provide important benefits especially when they can be customized to offer different types of analyses for different users and therefore serve different purposes. Customizable charts and interactive, drill-down reporting features with specifically relevant information increases understanding and ends up supporting clear business decision-making. So, the right format is about allowing for flexibility for each recipient to view information in a number of different formats.

So then . . . what is needed to get the right information to the right people in the right format and how can Wavecrest help?

Smart Engine analytics! Without the Smart Engine and its analytics, the reporting components could not provide the adequate information that your company needs to manage employee Web use. The Smart Engine makes technical data usable and manager-ready. Smart Engine analytics provide pertinent, detailed analysis, permitting the review or investigation of trends, policy violation, Internet misuse, security issues, and ultimately, human behavior occurring in the workplace.

With its precise, industry-leading algorithms, the Wavecrest Smart Engine is used by charts and reports to present accurate and up-to-date Web-use data. It performs functions such as determining visits and time online from Web traffic, and categorizing URLs into logical groups based on content. The Smart Engine is the key to providing understandable, easy-to-consume, manager-ready information–more precisely, the right information for right people in the right format.

Time is precious, especially in business. Getting the right information to the right people in the right format should be easy–especially when it is critical information like Internet usage. Let us help.

About Wavecrest

Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit Wavecrest.

Show cyber threats who is boss in 2018.

January 24th, 2018

Last year went by so fast. In between everyone’s normal busy schedule, most of us had to deal with natural disasters of some kind. For us at Wavecrest, it was Hurricane Irma as well as an above average rainy season. For others, it was Harvey and Maria, as well as fires, flooding,  earthquakes, remnants of storms causing wind damage–the list last year seems to be endless.

2017 also brought on some notable cyber events with the Equifax breach as one of the top incidents. 2017 was definitely a year for the books. You may have also noticed a shift in the business digital threat protection messaging. We at Wavecrest noticed . . . because it shifted to what we have always focused on. People.

People are a big part of the cyber threats that take place in businesses. No matter how automated things are, there is always the aspect of human interaction–human vulnerability. Humans inherently have vulnerabilities. It’s not a fault of one individual over another; it’s not about how good your employees are. There is a point where a business owner, manager, or decision-maker has to come to terms with managing Web use for the sake of the business over “my employees wouldn’t do that” or “I trust everyone working for me.” It may be true that you have the most trustworthy employees, but mistakes happen . . . even to the best of us. Cyber criminals focus on the easiest route first to gain access to your systems. Many times this is the employee, or human, vulnerability.

So . . . the new year is here. What can be done to improve managing employee Web use? The key is to make sure you pay attention to the human endpoint because it is not always about a failure in the actual technology. The firewall is great but if you have a weakness with an authorized user, the hacker will get past the firewall. Defend the human endpoint.

Consider these as a starting point and build on each or all!

  • MONITOR YOUR EMPLOYEES’ WEB USE! Sorry. It had to be said. If you do not know what is happening, you will not be able to know why, when, or where it happened. And you will not be able to make an informed decision on how to stop it from happening again. Remember that many times the human error that allowed for a breach may have been habitual or reactive so the employee’s memory of how it happened may not be very clear. Make sure to have visibility into the actual Web activity.
  • Analytics. Really another part of monitoring but noted separately due its importance and the flexibility of what you should be able to view and analyze. Find a Web activity solution that allows you to see relevant, drill-down data when you need it. Trends, customizable charts, by user or group, and real-time information on activity and bandwidth use are all things you should be able to analyze easily. All will allow you to expose abnormalities in user activity, identify potential insider threat behavior, flag possible legal liability issues, assess trends for data breach exposure, and observe patterns for lost productivity.
    • Hits versus Visits. This one deserves a sub-bullet. Make sure the Web-use management solution you choose has clearly defined Hits vs. Visits. Hits consist of unsolicited traffic, such as ads, and are not a reliable tracking metric on its own. Visits give you uncluttered, relevant Web activity detail based on user clicks and are a critical component to understanding human behavior. The last thing you want to do is try and sift through a bunch of data that is not even really relevant to the employee’s actual Web activity.

  • Filter. Yup . . . another suggestion that has the “but my employees are awesome” stigma to it. BUT let me just remind you that this is something that will provide another layer of security from phishing, malicious Web links, and data loss. I got your synapses firing now, don’t I! Filtering allows you to block or restrict URL link clicks that an employee may not be aware are malicious. Hackers have become increasingly precise in how things look. Very convincing e-mails and Web links are not rare anymore; they are commonplace. It is not really all about making sure your employee isn’t streaming YouTube all day. Although that should be managed as well, it should all be under your control. Allow it, don’t allow it, throttle it, or open it all up. The solution you choose should allow you to do it all, in your own customizable way.

The point is that the human endpoint is still a leading way threats get into your network. It may be through phishing, a malicious ad, or use of a unsanctioned cloud application, or it may even be a human error such as the delay of updating software. Whatever the issue, you have to be as proactive as possible to protect your network. Educate your employees continuously, have a comprehensive Web activity solution in place, make sure your Acceptable Use Policy is current, make sure patch management is an active process, and hug your IT people regularly because they are usually some of the busiest and stressed people in your organization.

Here is to showing the cyber criminals who is boss in 2018! Happy New Year!

About Wavecrest

Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

Take the mystery out of employee Web use and gain pertinent insight into your business.

January 17th, 2018

 

We are all seeing how business operations are continuously becoming more digitally driven. Many operations that were done on a desktop are now cloud- or app-driven. The connection to the Internet is a constant, and since your employees need that access to be productive, managing that connection should be a priority. Small businesses are finding that this access not only centralizes their operations and data but also can save them money. But they are finding that the amount of data being produced makes it impossible to find the relevant information needed. Looking at the employee-Internet relationship should be on the top of your checklist.

There are things that a Web-use management solution should provide, such as allowing a business to easily filter and control access, use white and black lists, and set time limits. But one of the biggest benefits that many times can be overlooked is the ability to access easy-to-use smart analytics and reporting tools. A filtering solution is great, but if it lacks a way to collect and correlate useful, pertinent data, then all that it is doing is restricting employees, causing frustration and potentially reducing productivity. With detailed reporting and analytics, managers can open up the usefulness of the Internet while knowing they still have the control to keep the business running smoothly and safely.

Look for the Web-use management solution that provides:

  • Drill-Down, Interactive, Forensic-Level Detail – A complete view of every link a user clicks, the exact search terms entered by a user, their search time, and more.
  • Ad Hoc and Scheduled Reporting – The information you need . . .  right when you need it.
  • Smart Reporting – Intelligent, timely, and cogent reporting on all aspects of employee Web usage.
  • Hits Versus Visits – Clear, uncluttered detail based on user clicks versus unsolicited traffic.
  • Manager Access – IT-controlled access for managers and HR allowing them reporting access without the need for IT assistance.

Analytics and reporting tools allow you to take the large amount of Web-use data your employees are producing and make sense of it. This data should tell you who, where, and when about the Web usage. Allowing you to see anomalies, activity peaks, bandwidth usage, and more, this visibility helps you plan and secure your network, data, and employees.

Don’t feel like you’re in need of tarot cards or tea leaves to know what is happening within your business.

About CyBlock

CyBlock Web-Use Management Suite makes more sense of all your Web-use data with CyBlock’s comprehensive monitoring and reporting features. CyBlock is available in Cloud, Software, Appliance, Mini Appliance, and VM deployments to fit any business size or industry.

About Wavecrest

Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

It is holiday shopping time again! Cyber Monday is now more like Cyber Month!

November 14th, 2017

With Thanksgiving right around the corner, we all know what is coming–Cyber Monday–the big day (now it is more like a month!) for personal employee Web use! More than ever before, businesses are open to employee use of the company Internet for personal use such as snagging some holiday deals. But what does this really mean for daily business operations? That depends.

There are definitely cyber risks associated with the season of shopping–malicious ads, phishing e-mails with malicious Web links, and slow bandwidth, to name a few. Paying attention to your employees’ Web usage is crucial. It is up to you whether you allow shopping on your network. If you do, there are steps you should take to manage this naturally vulnerable human endpoint.

  • Filter
    • Filtering allows you to reduce risks from malicious URLs in ads, phishing, etc. . . . employees are your weakest link. Train them continuously but also make sure there is a Web filtering solution in place to allow you to manage the Web use the way you see fit.
  • Manage Bandwidth Usage
    • This time of year employees may be doing things such as watching a video review of the latest in tech toys for their kids. Make sure your mission-critical operations are not affected. Configuring bandwidth limits by user-defined thresholds and setting trigger alerts will help you make sure you don’t have unnecessary bandwidth hogs slowing your business down.
  • Monitor Web use
    • Visibility means everything. With the right monitoring solution, you can easily analyze employee Web-usage trends, make sure your Acceptable Use Policy (AUP) is being followed, and get actionable, relevant detail when you need it.

These are only a few of the things that you can do to help reduce the risks associated with employee Web use all year long. Remember that human vulnerabilities are a leading cause of most network breaches. Focus on the human endpoint. Take the time to keep training employees, enforcing your AUP, monitoring, analyzing, and filtering.

At this time of year, you can feel good about allowing your employees some freedom to research or snag some holiday gift deals. Have a comprehensive employee Web filtering and monitoring solution in place, and enjoy your holidays even more knowing you are proactively managing employee Web activity!

About Wavecrest

Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

CyBlock/Cyfin Release 9.2.8 Now Available

August 23rd, 2017

Release 9.2.8 consists of improvements for both Cyfin and CyBlock. For Cyfin customers, a filter allows you to log only relevant data into the syslog, keeping the syslog file at the smallest possible size. Cyfin customers also have the ability to delete only raw syslog log files from disk to help reduce the risk of running out of disk space. For CyBlock customers, changes to IP/domain exceptions in your PAC file configuration can be synced with your cloud account in a Hybrid deployment.

For both products, the product disk usage and the available disk space are displayed for your information on the Server Information screen. Also, the calculation of Hits and Visits has been updated to be more precise. These and other enhancements are highlighted below.

  • Syslog Log File Configurations (Cyfin)
    • After enabling the syslog server, the Syslog Filter field appears which is prepopulated with the default value format based on your syslog configuration. It is used to log only the pertinent data into the syslog and not all the data that is being sent.
  • Log File Removal (Cyfin)
    • The ability to delete only raw syslog log files from disk has been added. You can manually delete or schedule a deletion of the files either at the current time or at the default scheduled time.
  • PAC File Sync (CyBlock Appliance, CyBlock Software)
    • Any IP/domain exception changes to the PAC file configuration are now automatically or can now be manually synced with your CyBlock Cloud account in a Hybrid deployment.
  • Server Information
    • On the System Status – Server Information screen, the product disk usage and available disk space are now displayed. The available disk space shows the amount of free space remaining out of the total drive space.
  • Hits and Visits Calculation
    • The hits and visits calculation has been enhanced by evaluating additional information from the log records.
  • Java Runtime Environment
    • The version of JRE was updated to the latest with all security and performance fixes.
  • System Status Messages
    • The Event Log and Profiling Log screens have been updated to allow Technical Support to view legacy or new messages.

To see the full release notes for your product, visit our Web site or knowledge base. You can upgrade to the latest release by going to the Help – Check for Updates screen in your product.

For additional assistance, please feel free to contact us.

Is your business’ human operating system secure?

August 2nd, 2017

Everyone is worried about operating systems, whether it is network operations, business operations, or a desktop operating system. The functionality of these intricate parts of your business are critical. But have you thought about your employees and how they operate? Today, your human operating system needs to be more than just making sure your employees are doing their job. Human vulnerabilities are a primary target for cyber criminals. Your human operating system, or the human factor, needs to be manageable and efficient, with tools in place that proactively support an open, yet secure, digital work environment.

Insider threats can be found at the top of headlines almost every day. Listen carefully to what each event tells you. It can happen to you, no matter how big or how small your business is. You don’t have to be a government organization to be susceptible to an insider threat. Insider threats can be a malicious employee who may be upset at the company, a good employee who just makes a mistake, or a targeted employee who unknowingly allows a malicious user into the network or access to proprietary data. Whatever the cause, there has to be tools in place to combat these human factor Web-use risks.

The human factor in business Web use is complicated in many ways. Hackers target natural human vulnerabilities and mistakes happen, employees can be sensitive to being singled out or afraid to admit the mistake, and fully blocking all access in today’s digital work world will likely just limit productivity and upset employees. The key? Visibility into the human factor. See how and when your employees use their Internet access. With that visibility into Web-use detail, you can then manage the usage to fit your unique business needs and gain a comprehensive, proactive way to secure and protect your business.

Securing and managing your enterprise’s human operating system in a proactive and efficient manner will help reduce cyber risks, such as phishing, malware intrusions, ransomware, data loss, employee misuse, legal liabilities, bandwidth hogs, shadow IT, and more. Find a solution that fits your business and your budget. Make sure it is flexible, easy to use, and easy to manage, allowing you to secure and shape employee Web-use–on your terms.

About Wavecrest

Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.