Requirements of an effective employee Web-use management program

Thursday, June 14th, 2018

Because managing employee Web use deals with humans and their actions, it is a continuous process for all sizes and types of businesses, where the goal is to ensure employees use Web access safely for productive, work-related purposes. To attain a high level of success, I believe that this process requires a Web-use management program be put in place that involves many key players in the organization, communication of the company’s Web-use policy, implementation of a reliable tool to monitor and control Web use, and other important activities. In this article, I will discuss the requirements of an effective employee Web-use management program and the activities involved that will bring about safe and productive Internet use by the workforce.

The key ingredient in an effective program is collaboration and communication among the various groups in the company, i.e., senior management, Legal department, IT personnel, HR personnel, department managers and supervisors, and employees. Communication would include IT keeping company stakeholders informed about current hacker threats, as well as HR apprising senior management of pertinent employee Web-use behavior. Collaboration would occur among HR, IT, and department managers in training the workforce. Collaboration would also take place between IT and department heads to select the appropriate Web monitoring and filtering tool.

If you don’t have one already, another necessity of a Web-use management program is to develop a sound Acceptable Use Policy (AUP) consistent with corporate culture. The AUP should describe acceptable and unacceptable Web-use behavior, i.e., company rules for what constitutes desirable, acceptable, unacceptable, and abusive use of the Internet and other network resources. The policy should also clearly state how compliance will be monitored and what the consequences will be to employees abusing the use of network resources. Does your company have an AUP in place that spells out the rules to your employees?

To ensure adherence to the Web-use policy, it should be clearly communicated to the entire workforce, including management, informing them of what is and what is not acceptable in easily understood language. You may also want to have employees acknowledge that they read and understood the policy through a signed acknowledgement. HR and management personnel should hold meetings with workgroups to answer questions and provide any additional information. This fosters open communication in the workplace and allows employees to be more engaged in proper Internet usage.

In addition to communicating the policy to all concerned, another requirement of an effective Web-use management program is training employees on how to use Web access productively and safely. Whether training is conducted or coordinated by HR or in collaboration with managers and other department personnel, training sessions should cover Internet usage and related subjects. Specifically, employees need to be made aware of what sites they are visiting and what they are clicking on the Web. The purpose of training should be to encourage proper, productive, and safe use of network resources while reinforcing the information in the AUP.

An important requirement of a Web-use management program is to use a reliable software tool that is designed specifically to monitor compliance with Web-use policies and proactively control Web access. The tool should also include a smart reporting engine that distinguishes between user clicks (visits) and unsolicited traffic (hits) and easily presents accurate and up-to-date Web-use data, identifying desirable Web usage as well as unacceptable use and trends. Does your tool include a Smart Engine that analyzes Web traffic to better interpret human behavior? Does it generate easy-to-read, manager-ready reports? Does it give details on employee Web use with drill-down reporting capability? These are key features of a Web monitoring and filtering tool that will benefit IT, HR, and department managers.

Another activity that is necessary is following up with corrective actions when inappropriate Web access is detected. With a policy in place, personnel oriented, the workforce trained, and your Web monitoring and filtering solution actively monitoring and controlling Web use, there are still more activities to do. The tool will inevitably reveal patterns of inappropriate use or disclose signs of outright abuse. These incidents will require attention by HR and management personnel. After identifying the problems, management can take appropriate follow-up actions, such as counseling employees, training or retraining workers, changing work processes, and revising or clarifying the AUP. Managers may also need to institute follow-up audits on individual users and, in worst case, take disciplinary action including termination.

The final element of an effective employee Web-use management program that I will cover involves the establishment of a continuous improvement process by the collaboration team, i.e., HR, IT, department managers, etc. In this process, there would be frequent reviews of employee Web use, new Web services introduced into the network, and new security threats, modifications of work processes, and appropriate revisions of the AUP. All company stakeholders would be involved. What other activities have been effective in your company in managing employee Web use?

Unauthorized Web use can degrade workforce productivity, impact network performance, threaten network security, and create legal liabilities. Any of these outcomes can seriously impact your bottom line. An effective employee Web-use management program is essential to prevent this from happening. If the responsibilities of an effective program are carried out well, misuse and abuse of network resources will be minimized without damaging workforce engagement and morale. Getting accurate, actionable information to all collaborators is a must, and the tool that you are using should be able to provide this information. Next time I will discuss how to get this information with reliable metrics generated by a reporting tool.

Read more of my articles on Web-use management on LinkedIn and the Wavecrest blog: WaveNews.

CyBlock® and ConnectWise® – Integration for MSPs

Monday, August 1st, 2016

1-3-Increase-Revenue

Wavecrest Computing is excited to announce a new feature for its Managed Service Provider (MSP) offerings, CyBlock Cloud’s integration with ConnectWise!

The CyBlock integration is built to provide comprehensive Web-use security and analytics along with the time-saving management of the leading ConnectWise Professional Services Automation (PSA) platform. With only one click between ConnectWise and the CyBlock Cloud MSP Partner Portal, MSPs can now automatically populate new client information in the ConnectWise interface, track and manage CyBlock Cloud licenses, proactively pursue timely renewals, and more. This integration is focused on saving time and improving efficiencies, allowing for increased new and recurring revenue, customer satisfaction, and crucial time to focus on mission-critical issues.

CyBlock Cloud for MSPs is a leading Web-use security, analytics, and reporting solution that will fit any MSP client business size or industry type and requires no hardware or software to buy and install, and no maintenance. Monitor, filter, and analyze data to help protect customers from Web-borne threats, such as malware, ransomware, and phishing attacks, while providing useful, time-saving tools, for example, automatically distributed, manager-ready reports, alerts when thresholds are reached, and trusted coverage over any distributed workforce.

“Wavecrest has a great managed service partner program that allows MSPs easy access to manage their CyBlock clients’ needs from anywhere, at any time. Now, we are excited to work with ConnectWise to increase the convenience to MSPs even more. MSPs can now manage their CyBlock Cloud clients directly in the ConnectWise user interface, saving time and expense that they can then use to increase revenue and focus on mission-critical issues,” explains Dennis McCabe, co-founder and President of Wavecrest Computing. “We know that time is money. Developing ways to help MSPs find more time and increase revenue while offering a product and service that surpasses expectations makes us proud of what we do, and motivated to do much more.”

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Provider (MSP), IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit http://www.wavecrest.net.

20 Years Young and Excited About the Next 20!

Tuesday, February 16th, 2016

120223_20bd_jubilej

We are proud to announce that Wavecrest Computing has reached a pretty big milestone…its 20th anniversary! It has been a path we have happily taken with innovative products and a dedicated staff, many of which have been with us since the beginning. We would also like to thank you…our customers, partners, and followers for sharing this journey and challenging us to be constantly reaching for the stars…or the cloud, as the case may be! Here is to an exciting next 20 years where we will remain “at your side” securing your growing, distributed, and agile workforce.

Since 1996, Wavecrest Computing has been a global leader in employee Web-access security and Web-use monitoring and analytics solutions, with scalable filtering and reporting analysis, forensic data tools, and products designed to enable organizations with today’s distributed workforce to successfully address cyber threats. Wavecrest’s CyBlock and Cyfin solutions are built with today’s unique business in mind, offering comprehensive cloud services management and visibility into Shadow IT and insider threats, as well addressing legal liability, workforce productivity, and Web security threats such as malware and phishing attempts. We offer multiple deployments that include Cloud Access Security Broker (CASB), Cloud, Hybrid, Software, and Hardware deployments that fit any business type or size. Wavecrest Computing is headquartered in Melbourne, Florida and is a longstanding GSA contract holder.

For more information on the company, products, and partners, visit https://www.wavecrest.net or follow us on LinkedIn, Facebook, and Twitter.

CyBlock Cloud Removes Security Blind Spots

Thursday, April 10th, 2014

 

CyBlock HTTPs Inspection

CyBlock HTTPs Inspection

Wavecrest Computing announces that SSL Inspection is now available in CyBlock Cloud. The SSL (HTTPS) Inspection feature allows CyBlock Cloud to decrypt, analyze, and fully inspect all HTTPS traffic. In order to defeat security threats facing companies today, the capability of SSL Inspection is becoming critical. With the rise in use of HTTPS and with applications (such as Twitter and Facebook) and search engines enabling SSL by default, most enterprises should expect an average yearly increase of ~20% in SSL traffic. The increased use of SSL can create “blind spots” that can actually reduce security on corporate networks because network security products and other defenses may not be able to monitor SSL traffic effectively or efficiently.

Surveys show 25%-35% of enterprise traffic is SSL-encrypted, and the number can be as high as 70% in specific industries. CyBlock Cloud’s SSL inspection feature enables organizations to gain visibility and control of SSL communications. It provides a critical control point for protection against Web threats, enforcing acceptable use policies and performance. Users can seamlessly enforce usage policies on both unsecured and secure traffic. Users can also choose what traffic to inspect or “tunnel” base on their specific security policies.

SSL traffic is growing into a significant amount of corporate traffic. This creates major blind spots for IT. CyBlock Cloud removes these blind spot, enabling organizations to establish a critical control point for Web protection, policy enforcement and performance of users and Web applications using SSL.