Web content filtering is typically supplied as part of broader cybersecurity measures, with most internet security appliances offering the option to enable filtering, and many default configurations enabling it from the outset. Yet as with many topics in information security IT personnel should never assume that content filtering features are active or optimised. In this article, we outline key reasons why content filtering is still so important, and briefly describe how to enable content filtering for your organisation.
1. Employee misconduct
When thinking about blocking specific categories of websites the key concern is often security and productivity, but one point is not always touched on: the risks of employee misconduct. At the lighter end of the misconduct scale web filtering will prevent employees from accessing inappropriate websites. Examples include explicit material, racist and xenophobic sites or any other websites containing content that stand a high chance of being judged unacceptable. A web browser alone will not filter these sites out by default.
On the lighter end of the scale, content filtering can help prevent unintended conflicts: while one employee may find a site humorous, another may find it offensive and this can lead to workplace conflict. Filtering out websites that are known for risqué content will help prevent this.
However, there are more serious potential liabilities. When employees commit criminal acts while they are at work a company can find itself at the wrong end of awkward questions, or worse. Web content filtering can prevent access to known criminal sites (or sites with a high-risk factor) while at the same time providing employers with thorough logging and tracing information should they need to find who is responsible for a crime. Without the help of filtering or tracking capabilities, companies may find themselves at risk.
2. Maintaining productivity
The internet is known for an innumerable number of sites, including social media, that are excellent at consuming time without a real payoff. Content filtering can be a useful tool here, but employers should be careful about the way filtering is implemented as a measure to stop employees from drifting off. Broadly blocking all B2C sites and social media is too blunt an instrument and employees can simply turn to their mobile phones instead.
One option is to limit social media access so that employees can only access social media outside core business hours, and during lunch breaks, if your staff work on a regular schedule. Another alternative is to take a more granular approach to block, walling off the websites that serve up time-wasting content while keeping key social media sites active. Either way, content filtering can keep your employees from aimlessly jumping from one humorous site to the next for an entire Friday afternoon.
3. Cyber-attacks and malware
Modern-day browsers are good at preventing users from visiting malware-infested sites, but business security benefits from referring requests through the third-party databases that are behind web content filters. A good security appliance instantaneously refers to requests to a hot, live database that is frequently updated with emerging risks.
It is often an emerging risk that poses the biggest threat to security and doubling up on the protection already on offer in Chrome, Edge, Firefox and Safari is an excellent way to prevent users from accidentally downloading malware or otherwise accessing risky content. More advanced devices can also apply real-time threat detection algorithms to stop web content that contains malware from being delivered to a user, even if it has already been requested – useful when the site itself has not yet been flagged for malware.
4. Prevent data leakage
Finally, filtering can serve another useful purpose: preventing users from uploading data across the internet without permission. In highly secure environments IT staff will have blocked physical ports, but stopping the use of file upload sites is more difficult. A network security appliance with the right features can, however, filter out the services used for sending files, keeping your business data safe.
Ensuring active content filtering
Most office networks will employ more than just a basic firewall at the network edges: instead, a fully-fledged network security appliance will be deployed to offer real business security. Modern firewalls are flexible, OS-driven devices that offer deep configuration possibilities, but these configurations are not always tinkered far beyond their default states.
First, it is essential to ensure that the web content filtering feature is enabled, by whatever name it is called in the manufacturer’s supplied OS – this may require the purchase of an additional software license. Security experts should then take the time to discuss policy requirements with other senior staff and fine-tune the categories which are blocked.
For the user that works outside of the company’s network perimeter, there are a couple of possibilities. One would be to install Windows or OS X-based filtering software, ensuring that it cannot be circumvented. Another option is to change the network configuration on the device to route DNS queries through a DNS server that performs filtering before resolving requests.
Don’t ignore the importance of filtering
With browsers now successfully filtering such a large proportion of dangerous sites on behalf of users it can be tempting to relegate active content filtering to a nice to have, but as we have just described a separate layer of filtering is still a very important tool. Companies should ensure they make the best use of the filtering tools already available to them or acquire the required tools if need be.