The World Wide Web is a wonderful source of information that can be useful to employees in doing their jobs. But it also has the potential to be a big source of trouble when employees visit the wrong sites from company computers. Some of the possibilities are obvious:
• If pornographic sites are displayed on company computers or the images are downloaded and subsequently viewed by other employees, the company could be subjected to a sexual harassment lawsuit under Title VII of the Civil Rights Act of 1964 for creating a "hostile work environment."
• If child pornography is viewed or downloaded to company computers, this could result in a criminal investigation and seizure of the computers in question, as well as arrest of one or more persons and negative news media attention for the company.
• Many questionable sites, including porn sites, music download sites, hacker sites and "warez" (illegal software) sites, contain active content that can download viruses or other malicious software to the user’s computer with his/her knowledge. Viruses that are downloaded this way can be spread throughout the company network or even beyond the local network, or the system can become an entry point for attacks on the network or be taken over to act as a "zombie" to be used in attacks on other networks.
These are only a few of the dangers presented by uncontrolled access to the Web. But how can you address the problem without taking away Web access completely? Here are some solutions:
• Many firewalls have the capability of monitoring users’ Web access, so that you can see who visited what sites, and when.
• Web content filtering software, such as Websense (www.websense.com) and SurfControl (www.surfcontrol.com) can block Web sites based on lists of reported offensive sites in many categories, by IP address/domain name, or by keywords.
• Browsers can be configured not to allow download of executables, to block Active X, Java and other active technologies, to help prevent "drive-by downloads" from sites that may not be blocked by filtering software. Administrators can use Group Policy on Windows machines to apply browser security settings and prevent users from changing those settings.
Lakeland Computer Networking
My Computer Girl, Inc.
www.MyComputerGirl.com
