Security Basics mailing list archives
Re: Web filters - Effects on Productivity
From: krymson () gmail com
Date: 23 Apr 2008 13:48:59 -0000
Your question is a good one, and one I see increasingly discussed in various forums, especially since "how do I bypass a proxy filter" posts occur daily on blogs and discussion boards (and in every issue of 2600!). Web filters really should only have two and a half primary uses: 1) Improved security by disallowing dangerous sites. This isn't perfect, but it should have a measurable effect with your desktop support staff. Stopping pornography and other inappropriate surfing should fall into this bullet as well. 2) Auditing of web browsing. While the filter itself shouldn't be playing ethics police with your workers' surfing habits, it does provide reporting and auditing for management/HR to use. If someone is addicted to gaming forums and wastes 5 hours a day trolling them, you want to proof to back up disciplinary actions. 2.5) Provide a little data loss prevention. For instance, do you allow employees to utilize their gmail/hotmail accounts at work? How do you know they're not siphoning off sensitive work docs through that email system? This is a "half" bullet because you can only stop the big parties that everyone knows, but you won't stop smaller mail portals or the one I can put up at home on my own mail server. But it should help for casual crimes of opportunity. Determined users will find ways through, unless the rest of your network security posture is tight. This is all balanced against worker happiness. A happy worker is a productive worker. If you worked in a casual start-up, would you expect to have unfettered internet access? What about at a government facility? These extremes can illustrate that there is no universal answer to this question. It is very situational. It also depends on the personality of your security officer(s). Do they only look at solutions that provide absolute security, or are they sympathetic to solutions that are not perfect, but add some value incrementally? These are two very different paradigms. In a common SMB environment, I would use the above 2.5 points as the purpose of a web filter. As a tech/security-savvy SMB worker, I feel happiest when I am not under the hard hand of a draconian web filter regime, and thus I also feel more productive. Likewise, being in security, there are times I need to see some questionable sites. And I definitely regularly pop up on web filter reports because IP xx.xx.xx.xx was scanning me, so I poked back at it only to find it hosted porn. Doh. <- snip -> I'm not bringing into question the technical security benefits of web filtering; those are obvious. Do web filters in schools and offices *really* give productivity a boost, or do they simply shift what sites or activities employees waste company time on? Have there been any solid studies on this topic?
Current thread:
- Web filters - Effects on Productivity Noah (Apr 21)
- Re: Web filters - Effects on Productivity Manuel Aróstegui (Apr 21)
- RE: Web filters - Effects on Productivity Murda Mcloud (Apr 21)
- RE: Web filters - Effects on Productivity Dan Lynch (Apr 22)
- RE: Web filters - Effects on Productivity Nick Duda (Apr 22)
- <Possible follow-ups>
- Re: Web filters - Effects on Productivity krymson (Apr 23)