Educause Security Discussion mailing list archives
Re: Web Content Filtering
From: Kevin Reedy <KReedy () EXCELSIOR EDU>
Date: Wed, 22 Apr 2015 15:31:11 -0400
FWIW I implemented filtering at an Academic Medical Center, and in 4+ years I only had one porn 'false positive'. Nudity is usually a separate category, and as such we never encountered any issues. The clinicians, researchers and students never bounced up against the filter in this regard. We had 4-5 unfiltered (still malware site blocked and virus scanned) workstations. One was in IT, the rest were in the Drs. Lounge. It was decided that Drs who have an overnight shift can do what they want. Business decision, not IT decision. The one false positive was a researcher looking into a condition called 'kinky hair syndrome'. This triggered the search filter as a search for porn, even though the first two google result pages had no porn on them. it was handled quickly and easily and the porn filter never came across my desk again. Another note, gambling tends to be very broad. By default it won't allow anyone to check their numbers for the local lotto or mega millions. It should be easy enough to fine tune for that purpose. From: Jim Cheetham <jim.cheetham () OTAGO AC NZ> To: SECURITY () LISTSERV EDUCAUSE EDU, Date: 04/22/2015 03:10 PM Subject: Re: [SECURITY] Web Content Filtering Sent by: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> Ensure that there is a process in place that will grant exemptions to each category that is blocked, to address issues of academic freedom. (Possibly no exemptions for technically hostile sites like malware/phishing etc - require an isolated network for research into those) We allow any staff member to request an exemption, but require senior approval from their department/school. It is not our job to 'judge' the validity of these requests. If your HR department wants to block porn for example, your anthropology or gender studies departments will need exemptions in order to do their work, but it is unlikely that engineering would. -jim -------- Original message -------- From: "Bradley, Stephen" <bradlesw () MIAMIOH EDU> Date:23/04/2015 05:39 (GMT+12:00) To: SECURITY () LISTSERV EDUCAUSE EDU Cc: Subject: Re: Web Content Filtering My guess is the first thing you will hear is "Academic Freedom" on why no filtering should be allowed. Filter only known bad traffic such as malware distribution sites and put a web cache in. steve On Wed, Apr 22, 2015 at 1:08 PM, Donald Welch <djwelch () umich edu> wrote: Colleagues, I'm the new CISO for the University of Michigan. I look forward to meeting you and working with you. One of my first issues is web content filtering. I've been asked whether any other higher education institutions implement web content filtering and if so what groups to you filter for and what kinds of content. If you wish, I'd also welcome your opinion on how well it works. This has started with our health system and my guess is that would be our focus if we went forward. However, one of our Trustees has been questioning why we don't filter across the University. I have to go to an initial meeting Friday afternoon, so any info you can give me before then would be much appreciated. Sincerely, Don Donald J. Welch, Ph.D. Chief Information Security Officer University of Michigan 734-615-0334 -- Stephen W. Bradley CISSP GCFA GCIH GWAPT SSCP Senior Security Engineer Miami University IT Services bradlesw () miamioh edu 513-529-1809 This message and any attachments contain confidential Excelsior College information intended for the specific individual and purpose. If you are not the intended recipient, you should notify the College and delete this message. Any disclosure, copying, distribution or inappropriate use of this message is strictly prohibited.
Current thread:
- Web Content Filtering Donald Welch (Apr 22)
- Re: Web Content Filtering Bradley, Stephen (Apr 22)
- Re: Web Content Filtering Donald Welch (Apr 22)
- Re: Web Content Filtering Jim Cheetham (Apr 22)
- Re: Web Content Filtering Kevin Reedy (Apr 22)
- Re: Web Content Filtering Brian Helman (Apr 22)
- Re: Web Content Filtering Barros, Jacob (Apr 22)
- Re: Web Content Filtering Spaller, Mary E. (Apr 22)
- Re: Web Content Filtering Brad Judy (Apr 22)
- Re: Web Content Filtering Donald Welch (Apr 22)
- Re: Web Content Filtering Spaller, Mary E. (Apr 22)
- Re: Web Content Filtering Kevin Reedy (Apr 22)
- Re: Web Content Filtering Carroll, Tim (Apr 22)
- Re: Web Content Filtering Tevlin, Dave (Apr 22)
- Re: Web Content Filtering Miller, Richard H (Apr 22)
- Re: Web Content Filtering Harry Hoffman (Apr 22)
- Re: Web Content Filtering Tevlin, Dave (Apr 22)
(Thread continues...)
- Re: Web Content Filtering Bradley, Stephen (Apr 22)