04/10/2011

By Claire West

Web-use policies are not a new measure in the workplace — they’ve been applied since staff first started to access the web at work — however, they are often paper-based and almost impossible to enforce. Today, changes to how people are using the Internet, spurred on by the wealth of new Web 2.0 applications, means that businesses shouldn’t undervalue a corporate Web-use policy. An automated and flexible policy that can be actively enforced is both an effective way of protecting an organisation from web security attacks, as well as delivering productivity benefits.

Many businesses are still only paying lip service to a static, paper-based policy printed in a company handbook which is quickly forgotten after an employee’s induction. Test this out for yourself by asking the next five colleagues you meet by the coffee machine if they know what the company Web-use guidelines are? They probably won’t.

Today’s employees can watch TV, listen to the radio, play games, buy and sell, or chat with friends, all from the comfort of their office chair. The very alluring nature of the Internet means that personal surfing is not just consigned to lunch breaks anymore and experience shows that there is no value in taking a draconian approach to who can use it and when. Many companies and analysts now say that locking down internet access means you risk losing employees altogether! Plus, employees, frustrated with limited internet access at work, are trying to find their own workarounds which cause further problems.

Unmanaged web access can cost a company a lot of money in terms of lost productivity. Here’s a simple bit of maths based on the current minimum wage (£5.8/hour): if everyone in a 30-employee company takes 30 minutes out of their working day (outside of normal breaks) for personal surfing that would cost the company a minimum of £1,740 in a month (£2.90 x 20 days x 30 people). And this doesn’t even factor in the cost of what that employee should have been doing! Can you afford that kind of loss?

Rising levels of Web-use can also considerably drain bandwidth, so an automated policy helps businesses to sensibly manage this while allowing a reasonable level of personal Internet use.

While productivity is a very real issue to the majority of businesses, security is a fundamental yet often overlooked problem. All businesses need to be mindful of protecting the company and employees against potential security threats, while recognising that online applications can also be useful business tools. For example, with social networking becoming the fastest growing use of the Internet at home and in the office, it’s crucial that businesses take a balanced view of services like YouTube, Facebook and LinkedIn. Businesses need to acknowledge that these sites are not immune to today’s web security threats. Recent attacks show hackers are increasingly turning their attention to social networking sites such as YouTube and Facebook to evade traditional anti-malware techniques primarily focused on email. This is yet another wake-up call to businesses that they need to ensure safe and reasonable use of these types of sites.

What all of this means is that an organisation’s Web-use policy can never be static—it should continuously address security and productivity matters. And don’t rely on individuals to adhere to a prescribed paper-based policy, as security is not the primary concern in their daily jobs!

There are clear business benefits to deploying an automated Web-use policy that reflects today’s Web behaviour and its related risks. The key is to employ web (content) filtering as a flexible management tool and to strike the right balance so that a Web-use policy enforces good business practice and delivers a positive difference.

Source: Websense, a global leader in integrated Web security, data security, and email security solutions, protects approximately 40 million employees at more than 40,000 organisations worldwide. Distributed through its global network of channel partners, Websense security solutions help organisations block malicious code, prevent the loss of confidential information, and enforce Internet use and security policies. Websense delivers best-in-class security solutions that allow organisations to work in new, more efficient, and innovative ways and that keep employees productive anytime, anywhere. www.websense.com


Join us on
Follow @freshbusiness