Tag Archives: employee web use

Things That Lie In Wait

crocodile-small

There are many shows on cable today that portray instant recognition of a breach. To repeat what all others in the actual cyber industry say . . . not realistic.

Think of the scenario where an employee opens a file or accesses a malicious Web site. Step one is done. Nothing happens; the employee shrugs his or her shoulders and moves on. Nothing happened, so we are all good, right? Wrong. In reality, malware can happen behind the scenes with no visual effect at all at the time of being infected. The malware is just lying in wait. It either waits for an external signal–a preprogrammed time or until a specific action on the host computer is done. A hacker then would have access to look around, doing nothing noticeable, just checking things out . . . until the time that he finds what he wants.

Six months pass. All of a sudden, systems are breached, potentially causing loss of controls, data, or financial information. And no one knows where or how it happened until a thorough investigation finally points back to the past point in time.

It sounds unavoidable, right? No, it’s not unavoidable but the chances increase all the time that it will happen to your business. But if you take steps to protect and prepare as much as possible, the damage can be potentially avoided or at least somewhat overcome.

How? Here are 5 steps to try to avoid or quickly recover from a breach:

  1. BACK UP!!! Enough said. Think cloud, separate, secure, and frequent. Ransomware, a type of malware, takes over your files and holds them hostage. With a secure and separate backup, your business can go on operating.
  2. Train. Train your employees for anything that could happen. Teach them about current cyber threats; keep them informed. They can be considered an additional “firewall.”
  3. Use patch management. The days of worrying about how frustrating the changes will be from new updates are over. Patch consistently . . . because many of the patches today are security related and crucial to staying protected.
  4. Apply multiple layers of security. Your firewall will not protect you from a threat that originates internally. And yes, many happen using some form of an internal breach such as phishing and e-mails with malware links, or by way of privileged credentials whether internally or from a breach at a third-party contractor. Get a comprehensive employee Web-use security solution that will block access to malicious sites and links.
  5. Monitor. Watch it all. You will see trends, user behavior, and anomalies. Monitor network activity and the activity that accesses the Internet. Guest Wi-Fi networks, BYOD, and employee Web use should be included. Make sure you have visibility into what is going on with a solution that not only provides real-time monitoring, but also forensic-level detail reporting easily accessible by both IT and managers.

Overall, taking steps to ensure your business is protected is crucial, but know that you can still keep critical business operations functioning following any type of breach. Providing proactive solutions to protect, secure, and manage your business’s Web use in a cost-effective, agile, and customer-centric way is what we do. Let us help.

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

Wavecrest Continues to be a Valued GSA-Approved Vendor

Contract_Holder_StarMark

 

Wavecrest Computing has once again been awarded a renewal for a GSA Contract. Our first award was in 2000, and now we are proud to be renewed all the way to 2021!

Since 1996, Wavecrest Computing has been a global leader in employee Web-access security and Web-use monitoring and analytics solutions, with scalable filtering and reporting analysis, forensic data tools, and products designed to enable organizations with today’s distributed workforce to successfully address cyber threats.

Our clients include:

  • National Archives
  • Superior Court of California
  • U.S. Computer Emergency Readiness Team (Homeland Security)
  • U.S. Department of Veterans Affairs
  • Florida Department of Health
  • New York City Department of Buildings
  • Georgia Department of Transportation
  • Defense Logistics Agency
  • U.S. Department of Justice
  • National Ground Intelligence Center
  • U.S. Army

Wavecrest’s CyBlock and Cyfin solutions are built with today’s unique business in mind, offering comprehensive cloud services management and visibility into Shadow IT and insider threats, as well addressing legal liability, workforce productivity, and Web security threats such as malware and phishing attempts. We offer multiple deployments that include Cloud Access Security Broker (CASB), Cloud, Hybrid, Software, and Hardware deployments that fit any business type or size. Wavecrest Computing is headquartered in Melbourne, Florida, U.S.A.

For more information on the company, products, and partners, visit https://www.wavecrest.net or follow us on LinkedIn, Facebook, and Twitter.

Another exciting new enhancement from Wavecrest…Cyfin Automatic Log File Detection!

Wavecrest Computing is excited to announce a new enhancement to our Cyfin Log File Analyzer Solution, Automatic Log File Detection. This enhancement allows for the easy setup and import of log files by automatically analyzing and matching the closest suitable log file types. You no longer have to worry about making sure you select the correct log file type manually before importing. All you have to do is locate your log file and select. Cyfin Automatic Log File Detection will display a short list of matches with sample data in fields, allowing you to select from the list the best log file type ensuring you are getting the best match available.

Constantly improving, developing and enhancing, to make your Web security more efficient, Wavecrest Computing has been the recognized leader in Web Security Solutions for over 19 years. Wavecrest’s scalable filtering and forensic reporting analysis product lines, CyBlock and Cyfin, are designed to enable organizations to successfully address Internet abuse, legal liability, shadow IT, workforce productivity, Malware, and many other Web security threats.

automatic logfile analysis

The all-in-one, enterprise class, Web Security hardware solution

The all-in-one, enterprise class, Web Security hardware solution, CyBlock Appliance, now available with local logging and reporting, can be easily paired with a CyBlock Cloud account as a Hybrid deployment, extending Web filtering and monitoring to your off-premises employees!

applianceLGet instant real-time information and proactive, reliable control over your network’s Internet users. CyBlock Appliance, the leading, turn-key, gateway appliance solution for Web-access Security, provides ease-of-use setup, configuration, and management at your fingertips! And now, you no longer have to worry about any remote logging that would require an external server or appliance. CyBlock Appliance now supports local logging and reporting!

The benefits of CyBlock Appliance are many, and your administrative choices are extensive. With minimal time and effort, the Appliance is up and running. Choose to use the Appliance as a proxy to monitor all your selected HTTP/S traffic, or inline, “transparent” to add the control and monitoring of P2P, torrents, IM, and e-mail, as well as public access Wi-Fi areas. Either configuration gives you granular controls, drill-down reporting, filtering, real-time monitoring, bandwidth throttling, as well as reducing risks of malware and data loss–your options are endless. CyBlock Appliance will proactively support all your organization’s Web-use needs fast and efficiently, without the need for constant administration.

Remote or mobile users? Safeguard all networks and employees in the organization. Add CyBlock Hybrid! Using CyBlock Appliance and CyBlock Cloud, the Hybrid deployment secures your additional remote and mobile employees so there is no need to route traffic back to the main office. All policies are managed from a single interface and sync automatically. Free up local server bandwidth and be assured that Web filtering for these users is occurring in the cloud with CyBlock Hybrid!

For more information, visit: Wavecrest Computing

Filtering and Identifying Web Activity by User Name

Identifying Web Activity by User Name

When a company implements Web filtering and monitoring software, it typically wants to filter and monitor the Web traffic flowing through its network by user name versus IP address for various reasons. Some of these reasons include curtailing casual surfing, protecting against security threats, and conserving bandwidth. Furthermore, a company’s Acceptable Use Policy (AUP) is usually based on user names and/or groups of user names. Therefore, the application that enforces and monitors the company’s AUP needs to identify Web activity by user name. IP addresses can be dynamic, and sometimes more than one employee can log on to a computer, and hence, more than one user name will be using the same IP address.

Many an IT administrator is tasked with ensuring that the company’s employees are going through
the proxy that is in place, so that Web activity can be monitored by user name. To get user names
and authenticate users, IT administrators can choose any of the proxy configuration options and
authentication methods described below.

Depending on the company’s preference, one proxy configuration option may be more favorable than the other. Here, we will discuss applying browser settings manually, pushing out group policies using Active Directory (AD), using a captive portal, and installing client software. We will also touch on the different ways that you can authenticate your Internet users using our CyBlock products.

Read more.

Dashboard Charting Now Available in CyBlock Cloud Service

The CyBlock Cloud service dashboard provides multi-perspective, high-level trend and bar charts. A number of these ‘quick-look’ displays depict Web-use activity trends from a variety of perspectives. Others compare activity between users, groups, content categories, and sites. The Dashboard’s easy-to-interpret charts provide an efficient way to quickly determine the amount and characteristics of Web activity and identify problems that may exist.

Dashboard Home
Get a quick overview of your entire organization’s Web activity.  Spot spikes in visits and bandwidth. Identify top users and most visited categories.

dashboardhome

Top Sites Visit Chart
Find out which ten sites had the most visits for the time period you specify.

topsitesvisits

 

Top Sites Bandwidth Chart
Find out which ten sites are consuming the most bandwidth for the time period you specify.

topsitesbandwidth

 

User Trend Chart
View Web-use visits, hits, or bytes over time for users, groups, categories, and acceptability classifications.

usertrend

 

Web Monitor
View Web activity in real time by user ID, the full clickable URL, and its category. Filter on users, groups, or categories to be displayed.

RTMWebResults

 

Wavecrest is excited to unveil our new product knowledge base.

This new knowledge base will provide immediate, 24/7 support to our global customer base. Customers will be able to quickly find the answers they are looking for. The knowledge base comes with an enhanced search tool that shows relevant results as you type, dramatically reducing the resolution time.

Our top-rated technical support staff will be continuously updating the knowledge base. Wavecrest’s technical support staff is committed to providing customers with the best possible product experience. This commitment to quality will ensure the knowledge base will always yield the highest quality results for our customers. Through the knowledge base, customers will also be able to access detailed product release notes, tech tips, and the Wavecrest blog.

Wavecrest is always striving to provide continuously improved, higher level customer support. We furnish our customers with more than just a ‘product’, we provide them with a long-term ‘package’ that combines a cost-effective product with free support services whose priority is equal to that of product design. These services are available during the free product evaluation period and remains throughout the product license term.

See what existing customers are saying about Wavecrest’s technical support team:

“The Wavecrest support engineers are always eager and responsive to assist with any technical challenges facing our network. They have truly made my support to our customer relatively seamless.” -David Scott, Lockheed Martin CITIC

“Any pre-sales questions we had were answered promptly, and Wavecrest’s technical support ranks in the top 5% of all technical support I have worked with in 29 years of being in IT.” -Karleen Carlson, IT Manager, Van Diest Supply Company

“I can’t say enough about the service we have received from Wavecrest in general. From the sales team working with us through the trial and purchase period, to the support team that has answered each of our ‘quirks’.” -Allen Lochamy, Atlanta Bonded Warehouse

“Wavecrest has the best support of any company out there. Their staff members are always courteous to work with and knowledgeable about their product – which is a rarity in this type of work.” -Chris Martin, A+ Computer Solutions

kb

Monitoring Internet Usage … From the IT Department

During July, August, and September of 2011, Commtouch assessed categories of Web sites most likely to be home to malware, below are the top ranking offenders.  The Portals category includes those sites offering free hosting which are often abused to publish malware and phishing content or will redirect to sites with this content.

What were the most-visited categories by your employees during 2011?

Are you currently monitoring and/or blocking the existing Spyware/Malicious, Phishing/Fraud, Public Proxy, and Hacking categories to help protect your network?

Source: Commtouch

In today’s wired workplace, internet security and bandwidth consumption are top concerns for IT professionals while employee productivity and legal liability ail management and HR professionals.  As a major contributor to the Web-use management effort, IT typically becomes deeply involved in planning, testing, selecting, installing, and administering Internet monitoring software.  With the different departments playing a role in deciding on the best product to fit their vast needs, most are left without a solution.  Fortunately, Wavecrest’s products have been reviewed by our customers as meeting each role’s needs most effectively, offering manager-ready, easy-to-interpret reports that can be accessed without the IT personnel in addition to providing a robust, truly scalable IT-friendly remedy.

With Wavecrest Computing, customers have the insight needed to proactively monitor / block the notorious malicious sites based on custom categories, the Wavecrest Control List, and a real-time deep packet analysis process.  Plus, our 19 comprehensive templates provide a variety of summarized and detailed Web-use activity reports on users, groups, categories, sites, acceptability ratings, and bandwidth consumption.  Conveniently import your current Web Use Policy to easily customize or classify categories, implement abuse thresholding, and monitor employee productivity while our Administrator and Operator Accounts allow for non-IT personnel to create and obtain their role-specific reports.

While serving a diverse mixture of commercial businesses, industrial firms, government agencies, military units, educational institutions, and non-profit organizations since 1996, our products continue to present the most up-to-date, proactive coverage in line with the one factor that underlies all Web-use management issues, human online activity. Wavecrest’s managers and developers understand human resource management well and we use that knowledge to develop features that prevent productivity losses, legal liability problems, network issues, and unnecessary costs.

What’s Hogging Your Company’s Bandwidth? Causes for Slow Network Speed this Holiday.

If you haven’t noticed, online holiday shopping lasts well beyond Cyber Monday.  According to a ComScore report, after the 2010 holiday shopping season, more than 85% of Americans online visited a retail site in December of last year.  Employees shopping online at work are likely causing critical applications, like Voice over IP (VoIP) and video conferencing, to perform poorly if at all.  The last thing you and your company need is network latency or slowdowns due to non-work related online activity.  Many of our clients are seeing a spike in bandwidth usage from shopping websites and have quickly taken measures to filter browsing to that category.  Which sites consumed the most bandwidth for your company this month?  Determine what factors are impacting your network speed before you decide to purchase more bandwidth – an expense that could be avoided with the right tools and a bit of discipline.

With 19 different types of highly customizable employee Web-use reports, Cyfin Reporter offer insights as to which types of traffic consume the maximum volume throughout the workday.  Monitor, filter, and report over 500 million Web pages in 74 categories and set throttling thresholds for sites that are slowing your company’s Internet speed with CyBlock Proxy.  Now is the time to address your poor network performance, slow applications, and bandwidth congestion.

We’re so sure you’ll benefit from our solutions that we offer a free 30-day product trial. Both products provide quantified data to help IT personnel keep track of bandwidth utilization by users as well as by type of usage (appropriate versus not so appropriate). After you’ve downloaded our products, take advantage of the User Comparison Trend Chart to detect unexpected spikes that could indicate excessive bandwidth or Web use.  Then review your Top Sites Bandwidth Chart (example seen below) and find out which ten sites are consuming the most bandwidth or had the most hits or visits for the time period you specify.

Top Sites Bandwidth Chart

 

Top Sites Bandwidth Chart for both Cyfin and CyBlock

Online Holiday Shopping Can Cost Your Business More Than Time

Online Shopping Risks

Cyber Monday is no more – in an uncertain economy, post-Thanksgiving online holiday shopping has increased since coined in 2005 and now lasts for one month with more than 50% of all online spending taking place during working hours1.  What does this mean for your business?  A large decrease in employee productivity, a boost in bandwidth consumption, and one of the most popular times for cybercriminals to attack your secure data.

Lost productivity can mean big bucks for your company, reducing employee output to a mere 60%2.  A survey by CareerBuilder states that more than half of the 4,000 respondents polled intend on shopping online while at work with one third of those planning for more than one hour each day, in addition to the two typical hours daily already reported by respondents (time excludes lunch hour and scheduled breaks).  If you do not have a Web-use policy or Internet Acceptable Use Policy (AUP) in place, one is necessary to help report, monitor, and prevent employee Internet abuse in addition to protecting your company from legal liability.

Downloading malware is another risk as employees use the Internet for personal reasons. Spyware and malicious code are big threats to company networks as they can consume bandwidth and compromise security.  Recent studies show that company networks are being infected with spyware and malicious code most often through employees surfing the Web; with the holidays increasing that risk, these threats make it imperative for companies to enforce an AUP to protect their networks. Wavecrest Computing suggests that companies monitor and/or filter employee Web use in order to better protect themselves from security threats. In addition to the inherent risks associated with hacking your online security – loss of company reputation, destruction of company data, and the downtime employees face while systems are restored – the costs to mitigate attacks are extraordinary and rising each year.  This year, U.S. companies are expected to spend more than triple the costs spent in 20063.

To ensure these threats do not happen to your company this holiday season, run through our checklist and remember to check it twice!

  • Install all applicable system and program updates to avoid malware from infiltrating any system frailty that could have easily been patched with an update.
  • Create a Web usage policy and clearly communicate it to your employees.
  • Be cautious prior to clicking on links to different websites particularly those found on social networking sites as they’re often a hotspot for malware.
  • Avoid the use of pirated / illegal software as many contain malware.
  • Never open email attachments from unknown senders and make sure to scan attachments you do decide to download.
  • Make steps to consistently back up your computer in the case that malware wipes your hard drive clean.
  • Monitor servers and security devices 24x7x365 for security issues and require preventative actions be taken on security threats in real time – this is where we come in!

CyBlock can be set up to block Web access by categories and by hour so employees can access shopping sites on their lunch break or after hours. This approach can help sustain morale while minimizing the risks associated with online shopping.  With Cyfin, you can monitor employees’ Web use to ensure that Web-use policies are followed or that unwanted spyware or malware is not downloaded as a result.  Let us guide you to a safer, more reliable, robust security solution with exceptional support at an unbeatable price!

Sources:

1https://blog.comscore.com/2011/11/cyber_monday_work_computers.html

2 https://www.wavecrest.net/editorial/costsavings.html

3https://money.cnn.com/galleries/2011/technology/1107/gallery.cyber_security_costs/index.html?iid=EL