Re: Web Content Filtering

[Kevin Reedy <KReedy () EXCELSIOR EDU>]

FWIW I implemented filtering at an Academic Medical Center, and in 4+ years
I only had one porn 'false positive'.  Nudity is usually a separate
category, and as such we never encountered any issues.  The clinicians,
researchers and students never bounced up against the filter in this
regard.  We had 4-5 unfiltered (still malware site blocked and virus
scanned) workstations.  One was in IT, the rest were in the Drs. Lounge. It
was decided that Drs who have an overnight shift can do what they want.
Business decision, not IT decision.

The one false positive was a researcher looking into a condition called
'kinky hair syndrome'.  This triggered the search filter as a search for
porn, even though the first two google result pages had no porn on them. it
was handled quickly and easily and the porn filter never came across my
desk again.

Another note, gambling tends to be very broad.  By default it won't allow
anyone to check their numbers for the local lotto or mega millions. It
should be easy enough to fine tune for that purpose.




From:   Jim Cheetham <jim.cheetham () OTAGO AC NZ>
To:     SECURITY () LISTSERV EDUCAUSE EDU,
Date:   04/22/2015 03:10 PM
Subject:        Re: [SECURITY] Web Content Filtering
Sent by:        The EDUCAUSE Security Constituent Group Listserv
            <SECURITY () LISTSERV EDUCAUSE EDU>



Ensure that there is a process in place that will grant exemptions to each
category that is blocked, to address issues of academic freedom. (Possibly
no exemptions for technically hostile sites like malware/phishing etc -
require an isolated network for research into those)

We allow any staff member to request an exemption, but require senior
approval from their department/school. It is not our job to 'judge' the
validity of these requests.

If your HR department wants to block porn for example, your anthropology or
gender studies departments will need exemptions in order to do their work,
but it is unlikely that engineering would.

-jim


-------- Original message --------
From: "Bradley, Stephen" <bradlesw () MIAMIOH EDU>
Date:23/04/2015 05:39 (GMT+12:00)
To: SECURITY () LISTSERV EDUCAUSE EDU
Cc:
Subject: Re: Web Content Filtering

My guess is the first thing you will hear is "Academic Freedom" on why no
filtering should be allowed.

Filter only known bad traffic such as malware distribution sites and put a
web cache in.

steve

On Wed, Apr 22, 2015 at 1:08 PM, Donald Welch <djwelch () umich edu> wrote:
  Colleagues,
  I'm the new CISO for the University of Michigan.  I look forward to
  meeting you and working with you.  One of my first issues is web content
  filtering.

  I've been asked whether any other higher education institutions implement
  web content filtering and if so what groups to you filter for and what
  kinds of content.  If you wish, I'd also welcome your opinion on how well
  it works.

  This has started with our health system and my guess is that would be our
  focus if we went forward.  However, one of our Trustees has been
  questioning why we don't filter across the University.  I have to go to
  an initial meeting Friday afternoon, so any info you can give me before
  then would be much appreciated.

  Sincerely,
  Don

  Donald J. Welch, Ph.D.
  Chief Information Security Officer
  University of Michigan
  734-615-0334



--
Stephen W. Bradley CISSP GCFA GCIH GWAPT SSCP
Senior Security Engineer
Miami University
IT Services
bradlesw () miamioh edu
513-529-1809


This message and any attachments contain confidential  Excelsior College information intended for the specific 
individual and purpose. If you are not the intended recipient, you should notify the College and delete this message. 
Any disclosure, copying, distribution or inappropriate use of this message is strictly prohibited.