HR is best suited to bring all company stakeholders together to ensure safe and productive Internet access

Monday, April 9th, 2018

employee Web-use management

My discussion here is about the suitability of HR being the hub for employee Web-use management where all company stakeholders are brought together to ensure safe and productive Internet use by all employees. For one, HR’s expertise typically includes personnel policy, codes of conduct, labor relations, workforce training, legal compliance issues, and workforce morale, all of which relate to the employee Web-use management issue. Because of their expertise in policy, training, and processes, HR is in the best position to coordinate the tasks of proposing and developing solutions to ensure that employee Web use is properly managed. After all, Web-use management is not just an IT issue. It is all about employee behavior, productivity, and morale. What Internet-use people issues are you seeing in your company? How are you solving them?

Communication is key in HR’s collaboration with managers, IT, and employees in the company. Starting at the top of the company, HR can educate senior managers on the importance of employee Web-use management, get their input, and keep them involved. By collaborating with IT whose access to highly accurate Web-use reporting and filtering tools can produce easy-to-consume Web activity data, HR can keep upper management apprised of pertinent employee Web behavior. This allows HR to contribute to the organization’s profitability and help keep the company out of severe legal difficulty–important business objectives for senior managers.

As the focal point in the employee Web-use management effort, HR can also schedule Web-use training programs for managers and employees, coordinating with Legal, IT, or department managers who observe a need or have the specific knowledge to train the workforce. Training could include instruction on the proper use of network resources, how to recognize a phishing e-mail message, how to detect malware symptoms, how to recognize and report other online threats, and other Web-use topics. Essentially, training would teach employees how to use Web access productively and safely. In this way, all areas of the company play an important role in proper network resources and policy training that would have a significant impact on corporate Web security. Are these types of training programs taking place in your company?

 

Another HR task would be to communicate the company’s Acceptable Use Policy (AUP) to the workforce by providing it in writing or electronically, requiring a signature to indicate acceptance of the policy. If you do not have a policy, HR, in collaboration with IT, Legal, and senior managers, would be well-suited to establish a sound AUP consistent with your company’s culture. Once the policy is created, HR can work with functional managers and IT to ensure optimum implementation of the policy. As Web activity is analyzed over time, HR can revise the policy as necessary. Managers and HR would work together to ensure employees are complying with the Web-use policy. Along with managers, HR would be involved in specific cases of policy noncompliance.

In communicating the policy to the workforce, HR would focus on promoting the interest of the company as a whole, while helping to maintain or improve employee morale. Managing employees’ use of Web-access resources is a sensitive and complex task, one that involves communicating with all groups–senior managers, managers, IT, and employees–and deals with policy, training, and continuous improvement processes. With HR as the hub, the continuous improvement process would involve the frequent review of employee Web use, new Web services introduced into the network, and new security threats, as well as modification of work processes and appropriate revision of the AUP.

All areas of the company can help manage employee Web use effectively. In the next articles, we will examine more closely IT’s role in employee Web-use management, the requirements of an effective Web-use management program, developing a sound AUP consistent with corporate culture, and other topics related to the human factor of data security.

Please let me know your thoughts on and reactions to this article and my questions by adding a comment. If HR is leading the Web-use management efforts in your business, in what other ways are they collaborating with others in the company?

Follow me on LinkedIn or read more articles on Web-use management on the Wavecrest blog: WaveNews.

Your Employees and Their 917 Different Cloud Apps. Are You a Sitting Duck?

Tuesday, May 3rd, 2016

targeted duckEvery day someone in your company is using a cloud app. Actually, it is probably more like every minute. Let’s not go into the personal versus work devices on the company network, or whether it is Facebook or Dropbox they are using. Those details don’t really tend to matter when the access allowed is for your own business to decide. It is about the sheer number of cloud services and apps in use in the enterprise today, the visibility in knowing what they are, and the many employees who are left out of the conversation.

We hear managers talk about how it can’t happen to them. They have the best employees, and the discussion is unnecessary. It is already understood–they would NEVER do that! Or our favorite–big brother–the need to let your employees know you really trust them and respect their privacy by allowing them to do what they think they need to do on their own. But that’s not going to protect your business when malware hits or a breach happens . . . and the chances of these happening to you are growing exponentially every day, especially when you are not communicating security issues with your employees.

With all the headlines being about Shadow IT, malware, data loss, intrusions, and ransomware, you would think it would be a common workplace discussion. But based on some recent surveys, companies aren’t saying much internally.

Some numbers that may surprise you. What percentage of employees:

  • Have not been told the right way to download/use cloud applications: almost 60%
  • Have not been told risks of downloading cloud apps without IT’s knowledge: just under 40%
  • Have not been told how to transfer and store corporate data securely: over 40% !!!!

To keep things in perspective–studies are showing that on average, enterprises have 917 different cloud apps in use!

This is not a respect for privacy issue. It’s a security issue, for your business and for your employees! Keeping them in the dark does not show them respect or protect them, it makes them victims before anything even happens.

As technology gets stronger, we as individuals have more decisions on what we use to make our lives, including work, more efficient. But if you do not educate and communicate regularly about cyber threats with your employees, have real visibility into their Web usage, or have a clear, agile Acceptable Use Policy (AUP), you are basically a sitting duck.

About Wavecrest Computing

Celebrating 20 years in business, Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

 

*Stats based on surveys from Softchoice and Netskope.

Wavecrest Continues to be a Valued GSA-Approved Vendor

Tuesday, February 23rd, 2016

Contract_Holder_StarMark

 

Wavecrest Computing has once again been awarded a renewal for a GSA Contract. Our first award was in 2000, and now we are proud to be renewed all the way to 2021!

Since 1996, Wavecrest Computing has been a global leader in employee Web-access security and Web-use monitoring and analytics solutions, with scalable filtering and reporting analysis, forensic data tools, and products designed to enable organizations with today’s distributed workforce to successfully address cyber threats.

Our clients include:

  • National Archives
  • Superior Court of California
  • U.S. Computer Emergency Readiness Team (Homeland Security)
  • U.S. Department of Veterans Affairs
  • Florida Department of Health
  • New York City Department of Buildings
  • Georgia Department of Transportation
  • Defense Logistics Agency
  • U.S. Department of Justice
  • National Ground Intelligence Center
  • U.S. Army

Wavecrest’s CyBlock and Cyfin solutions are built with today’s unique business in mind, offering comprehensive cloud services management and visibility into Shadow IT and insider threats, as well addressing legal liability, workforce productivity, and Web security threats such as malware and phishing attempts. We offer multiple deployments that include Cloud Access Security Broker (CASB), Cloud, Hybrid, Software, and Hardware deployments that fit any business type or size. Wavecrest Computing is headquartered in Melbourne, Florida, U.S.A.

For more information on the company, products, and partners, visit https://www.wavecrest.net or follow us on LinkedIn, Facebook, and Twitter.

Wavecrest’s 13th Birthday

Tuesday, October 27th, 2009

We’re Wavecrest Computing, a leading developer of Internet usage management products. Today is our thirteenth birthday. So we’re taking a moment to celebrate, look back, and reflect on some of our accomplishments over the years.

Since 1996, from our base in Melbourne, Florida, we have developed, marketed and supported a spectrum of innovative Internet monitoring and reporting solutions. Our products help all types of organizations manage their employees’ online activities and ensure compliance with acceptable use policies. Starting thirteen years ago with a single customer, our client base has grown to more than 3,000 organizations, many of them Fortune 500 companies and high profile government agencies.

We’re extremely proud of this. But it didn’t just ‘happen.’

The credit goes to an unusually talented and well-led team of development, sales and support people. They all work directly for Wavecrest; none are outsource or temporary employees. For years these dedicated men and women have made sure that we consistently deliver the products and services that our customers need to meet the many dynamic challenges associated with use of the Internet in the workplace.

And those challenges have certainly evolved over the years. Examples include the very real and seriously increasing risks of productivity losses, bandwidth drains, legal liability, and network security threats. And as the Internet grew and the challenges escalated, we have kept pace every step of the way.

Our first product— a basic software application called ProxyReporter—read and analyzed employers’ outbound Web logs. From that data, it then produced reports that helped management and IT monitor employees’ use of Web access.

Then, as the Internet became more sophisticated, we went on to develop a series of increasingly robust Web-use monitoring and filtering products designed to suit a variety of customers and network infrastructures. Our monitoring products now include Cyfin Reporter—a highly sophisticated and scalable logfile analyzer/reporter—and Cyfin Proxy, a standalone Web proxy/monitor/reporter. Our combination filtering/reporting products include CyBlock for ISA—a combination filter/reporter system for use with Microsoft ISA products—and CyBlock Proxy, a standalone proxy/filter/reporting solution.

Our latest innovation is CyBlock Appliance, a hardware based Internet-usage management device. Designed to monitor and help control use of all Internet protocols, CyBlock Appliance is a standalone proxy, monitor, filter and reporter.

Of particular interest, in recent years, we have upgraded all of these products to deal with emerging issues associated with a variety of Web 2.0 advances such as social networking. At the same time we have been busy incorporating new features such as protocol filtering and trend reporting.

Through the years our products have been well received and proven to be highly reliable and cost-effective, and we back them all with a 90-day money-back guarantee.

As proud as we are of our products, we take equal pride in our support services. When customers call, they talk to a real person—here in America—and they get personalized attention. Our support personnel, all of whom have been with us for years, know that customer satisfaction is key to the company’s (and their own) success. And as a result of their responsiveness and professionalism, they have received literally hundreds of kudos and compliments over the years.

So, in sum, we have much to celebrate and be proud of.

Happy Birthday, Wavecrest!