More and more companies and organizations around the world are preventing their employees from accessing specific websites, restraining their Internet use based on security as well as efficiency concerns. In this article we show how blocked sites at work can prevent companies from being the target of cyber attacks while also increasing the efficiency of their workforce. We also analyze the implications of privacy regulations like the GDPR on workers’ monitoring.
1. Blocked sites at work: an overview
According to research conducted by Spiceworks in 2018, already back then 96% of large businesses, hence companies with over 1,000 employees, used to block access to at least one online website. Considering all types of businesses, from SMEs (small and medium enterprises) to large corporations, the research carried out reported that 89% of them were restricting Internet access by blocking or limiting the use of certain websites.
The Spiceworks research also found out that 58% of the companies analyzed reportedly monitored employee Internet activity on corporate networks. Like with any other controlling activity, there are two sides to this story. On the one hand, there are security considerations. On the other, ethical ones.
>> FlashStart protects your company from a wide range of threats and prevents access to malicious and distracting websites ? Start your free trial now
1.1 Top reasons for restricting Internet access on the workplace
The top reason why IT departments decide to block access to specific websites is linked to security concerns. The Spiceworks research reports that in 2018 blocking malware was a reason for 90% of IT departments. Linked to security is also the fifth reason listed by the research, that is, the fact of preventing sensitive corporate data from getting leaked or hacked.
However, security of the network is not the only one sought by companies and organizations. There is a lot of discussion also about appropriateness in the workplace: 84% of IT departments believe preventing users from visiting websites deemed inappropriate for the work context was a main reason to restrict Internet use and 83% thought this might help prevent user behaviors perceived as “unacceptable”. Both of these reasons are also linked to another, much wider topic, that is that of enhancing employee productivity in the workplace, a motive chosen by 46% of the respondents.
The fourth motive listed among the reasons for having blocked sites at work is the fact of avoiding legal issues and complying with regulations (66% of respondents from IT departments). This is linked both to external legislation and to internal company procedures set up with the intent of granting the safety of data and documents stored in the company servers, but also of company reputation in general.
The final reason is more about the physical resources of a company: preventing access to certain websites helps avoid bandwidth issues. This is especially true with streaming services, like Netflix, YouTube or Spotify, whose use at a wide level might result in slowdowns within the whole company network.
>> FlashStart is completely cloud-based and can be activated both at the router level and as an end-point application ? Start your free trial now
1.2 Ethical considerations
While restricting access to certain websites is a proven way for companies to decrease the chances of being the targets of the next cyber attacks, controlling what employees do online, what they search for and keeping track of the websites they access from their work laptop is a more delicate matter, which comes with wider ethical considerations.
The questions are: how much monitoring is allowed? How much monitoring can employers put in place without incurring privacy-related issues? The laws that regulate this sphere do not provide clearcut answers and in many cases are still being written, mirroring the evolving situation on the ground.
1.3 ECPA and workplace monitoring in the United States
In the United States, for example, the Electronic Communication Privacy Act of 1986 (also known as ECPA) allows business owners to “monitor all employee verbal and written communications as long as the company can present a legitimate business reason for doing so”.
Additional monitoring is also envisioned by the law, provided that the employees give their consent. However, the ECPA consent provision is tricky, since it could be perceived as allowing business owners to eavesdrop and follow the employees’ personal communications.
1.4 GDPR and employees’ monitoring in the European Union
In the European Union, the more recent General Data Protection Regulation (usually referred to as GDPR), published in May 2018 and that replaced the Data Protection Directive of 1995, sets some clearer rules as to what is allowed in terms of employees’ monitoring.
The GDPR allows for workplace monitoring but it sets some clear guidelines for it, especially regarding the extent to which it is allowed and the requirements an organization must satisfy in order to do it. In particular, it provides for the creation of company policies that explain to the employees the circumstances for the monitoring and ensure them of fair use on the part of the company.
As far as private communications are concerned, article 4 of the GDPR states that organizations must prove that they have a lawful ground to collect and monitor this information, in order to safeguard the employees also considered the imbalance of power between the employer and the employees.
Finally, the GDPR also makes clear that under no circumstances are employers justified in using extensive or automated monitoring methods (like spyware) to check the employee’s browser history and workplace communications.
>> The FlashStart Internet protection is compliant with privacy regulations (GDPR and other local privacy requirements) ? Check out our offer
2. Web filters: the safe choice for companies and organizations
Considering all the discussion up to now, it is clear that, while monitoring the use your employees make of the Internet is a complicated issue, you can adopt tools that comply with local-specific privacy regulations and prevent employees from navigating towards unwanted websites, either because they are malicious or because they are considered distracting.
Web filters are probably the most widespread and useful tool in this toolkit. They work at the DNS level, meaning they verify all the outgoing requests to see if the DNS is present in the denied lists available. More specifically, every time an employee types the name of a website he wants to reach, the web filter checks the IP address of the website to see if it is included in a variety of lists that contain all the websites deemed dangerous or unsuitable or distracting. If the webfilter has been instructed to block access to those lists, then the employee will not be able to access the website he wishes to.
3. The FlashStart web filter: blocked sites at work, made easy
FlashStart offers a DNS web filter that is reliable and especially easy to set up, manage and personalize to satisfy all your needs.
3.1 FlashStart: easy to set up
Entering the secure FlashStart world is easy and takes only a few, guided steps. You do not have to buy any additional hardware or download any software. FlashStart is completely cloud based and, solely by redirecting your Internet traffic to the FlashStart cloud, it will be easy for you to grant a safe navigation.
You can activate FlashStart at the router level, thus ensuring that all the devices connected to the company network are protected by the FlashStart umbrella, or at the end-point, directly on the single device through the ClientShield application, a solution designed to satisfy the needs of an ever more mobile workforce.
3.2 FlashStart: easy to manage
Once you install FlashStart you can forget about it. Being based on the cloud, the system does not require you to download any updates and you will not have to proceed with any lengthy reboots in order to install the updates. All updates are received directly by the cloud, allowing you to enjoy up-to-date protection at all times.
Moreover, FlashStart uses a mix of human and artificial intelligence to continuously scan the Internet in order to identify new threats and verify them. The algorithms also have the power to analyze and “learn” the behavior of the threats, so as to highlight changes and developments in existing threats.
3.3 FlashStart: easy to personalize
You can personalize FlashStart so as to ensure that the list of blocked sites at work includes all the domains you wish your employees do not access from the workplace.
As a default option, FlashStart blocks access to all contents deemed dangerous and that could result in an attack on your company network. On top of this, it provides lists of websites that you can choose to block independently, like social networks, online shopping sites, adult contents, gaming platforms, websites with violent contents and others. Finally, you can add your own “allowed lists” including the domains your employees should always be granted access to.
You can also decide to apply different restrictions to different user groups and, if your company is using the Microsoft Active Directory, you can replicate the structure of the directory within the FlashStart settings and allow FlashStart to communicate with your directory so as to easily manage any newcomers.
>> FlashStart has been chosen by over 600 resellers and partners all over the world ? Check now out our offer
You can activate the FlashStart® Cloud protection on any sort of Router and Firewall to secure desktop and mobile devices and IoT devices on local networks.