Should you use a web filter in your company? With the internet, we can connect with the 4.54 billion people (nearly 59 percent of the global population!) that are using the internet today by accessing forums, instant messaging, social media, email, and other forms of communication. The internet allows businesses of all sizes to access incredible amounts of knowledge and other helpful resources that are critical for business growth. Surely there’s no need to limit internet access in the workplace, right?
Here’s the thing – while the internet is an amazing tool when used appropriately, it also allows for a great deal of undesirable consequences: Malicious hackers exfiltrating sensitive data, underaged persons discovering age-inappropriate content, and lost productivity when employees spend too much of their time on distracting websites.
In this CurrentWare guide, we will cover the most common uses for internet content filters, how websites are blocked, and how you can use CurrentWare’s web filtering software BrowseControl to take back control over the content accessed through your network.Table of Contents
A wide variety of industries and organizations will use a web filter to blacklist websites and computer applications that they consider to be unsafe, unproductive, or otherwise inappropriate for their users to access. The web filtering features of content-control software are used to enforce internet use policies by proactively blocking websites and applications.
Organizations That Commonly Use a Web Filter:
While the software used for blocking applications and filtering websites by these organizations works the same, the motivations they have for using it will vary. In the following sections, we will break down the most common reasons that schools, libraries, and private businesses use a web filter as part of their operations.
As a network administrator, Joe is responsible for maintaining the network infrastructure of his company. Recently there have been complaints of high latency on the network leading to lost VOIP connections and difficulties using the internet.
Before making recommendations to invest in costly upgrades to the existing bandwidth, Joe used BrowseReporter’s bandwidth monitor to identify employees that were using excessive amounts of bandwidth. Thanks to BrowseReporter’s bandwidth usage reports, Joe quickly discovered that several employees were abusing the available bandwidth by streaming movies on Netflix during work hours.
After blocking access to Netflix with BrowseControl, Joe reported the inappropriate use of technology to the department manager. After viewing the reports provided by Joe, the department manager agreed to review the company’s Acceptable Use of Technology policy with their team.
Zayn has noticed a serious decline in employee productivity in his office. To cut back on internet-based distractions, he has installed BrowseControl on his employee’s computers to block access to unproductive websites during work hours.
As part of his CIPA compliance requirements, Tyler uses a web filter to help protect his underaged patrons from accessing age-inappropriate visual content. As a librarian, Tyler is passionate about ensuring that his patrons have access to the resources they need to perform legitimate research. Because of this, Tyler has ensured that his content filtering solution is easy-to-use so that everyone on his staff can disable the filters for specific users on request.
Sylvie is the HIPAA Security Officer for her company. She uses strict internet access controls to protect the sensitive personal health information (PHI) of patients against internet-based malware intrusions.
Internet filtering is a hot topic in the EdTech space. The key debate surrounding content filtering in schools and libraries is this: are web filters too restrictive?
Schools and libraries are in the tough position of determining how to implement content filtering in a way that balances intellectual freedom with the desire to protect networks against malware while also preventing their underaged internet users from accessing age-inappropriate content.
In the United States, the Schools and Libraries Program – better known as “E-rate” – requires that these institutions maintain CIPA compliance in order to qualify for discounts on their internet and telecommunication infrastructure.
Under CIPA, schools and libraries are required to implement content filtering technology that is designed to prevent underaged users from viewing inappropriate matter on the internet. This has raised concerns that the required CIPA filters conflict with an American citizen’s First Amendment freedoms and the core values of librarianship.
Because schools and libraries that do not implement an internet filter for CIPA compliance are ineligible for highly sought-after discounts on critical internet and telecommunications technology, the use of web filters is naturally highly prevalent. While the intention of CIPA is to block underaged users from viewing inappropriate visual content, there is the potential that an overzealous implementation of filtering technologies will inadvertently block patrons from accessing legitimate research.
The Debate on Internet Filtering in Schools and Libraries:
To maintain a balance between ensuring intellectual freedom while simultaneously preventing access to objectionable content, the filtering software used to block internet access in libraries and schools must allow designated staff to easily disable the internet filter for a specific user after a request is made.
To mitigate classroom distractions, schools with one-to-one computing (“1:1”) programs rely on internet filters to ensure that their students are not distracted by technology during class time. Internet filtering software allows students to access digital learning materials without unproductive websites becoming a hindrance to their learning.
Colleges and universities are less concerned about directly blocking access to adult-oriented content on their network as the acceptable use of technology in education is more readily understood and followed by adult learners. K-12 schools are more restrictive with their internet access enforcement as students are still developing their digital literacy skills and are at a higher risk to inappropriately access objectionable content.
While some degree of filtering may be used in adult education institutions to block clearly objectionable content such as pornography, they are typically less restrictive with their internet access policies as they do not want to infringe on the legitimate research needs of their students. Internet filters are instead used as an added layer of protection against web-based cybersecurity risks.
Businesses typically place a greater emphasis on network and data security as their employees will have a direct connection to the networks that have access to sensitive data, whereas schools typically provide students with a designated network that is separate from the ones used to store and process sensitive data.
Why Businesses Use Content Filtering:
“Cyberloafing” is a term used to describe the phenomenon of employees surfing the internet for non-work reasons during paid working hours. With reports showing that employees can spend as much as 2.5 hours per day on non-work internet activities, an employee making $15 per hour will cost their employer over $73,000 per year in unproductive internet browsing. Managers that are concerned about time theft caused by excessive unproductive internet use will use web filters to block commonly abused websites such as social media and online gaming sites.
The use of the internet to harass coworkers in the workplace leads to a hostile work environment – this highly inappropriate use of workplace technology causes severe employee disengagement when the harassing behavior is not adequately addressed. While web filters alone cannot fully prevent employee misconduct, the proactive blocking of inappropriate websites can reduce the opportunities for malicious employees to spread harmful content to their coworkers.
Web filters that include application blocking features will prevent employees from using peer-to-peer (P2P) file sharing platforms in the workplace by blocking access to the websites and applications that are used to download pirated materials.
Why Piracy In The Workplace Is Dangerous:
Healthcare organizations and government entities are often subject to strict regulatory requirements that mandate the use of technical safeguards to protect the sensitive data in their custody. Internet filters are frequently deployed as an added layer of defense against external threats that can be transmitted through compromised and malicious websites.
Government & Healthcare Data Security Compliance Frameworks:
As government and healthcare organizations need to access a large quantity of sensitive data as part of providing critical services, they are often targeted for ransomware attacks. Ransomware is a type of malware that is used by cybercriminals to maliciously encrypt data on the victim’s system until they pay their attacker a ransom in the form of a cryptocurrency.
Ransomware attacks have become increasingly common as members of malicious hacker networks increasingly supply would-be attackers with “Ransomware as a Service) (RaaS) platforms that allow them to easily execute ransomware attacks without needing to develop and execute their own programs. Content filtering helps fight against ransomware attacks by proactively blocking websites that are used to execute ‘drive-by downloads’ that infect a user’s machine with the ransomware software without their knowledge.
Content filtering software that can block Windows applications also protects against unauthorized computer programs (“Shadow IT”). Shadow IT programs can be a critical data security risk as they aren’t properly monitored and managed by the corporate IT department and employees can potentially be sharing confidential files through them.
There are well over 1 billion sites currently on the world wide web, and approximately 380 new websites are created every minute! With such a massive influx of information, how can internet filters keep up?
The two core components of identifying the websites that will be managed by your internet filtering software are its whitelists and blacklists.
Whitelist: A whitelist (aka an allowed list) is a list of the websites (domains), URLs, and ports that you would specifically like to allow on your network. Whitelisting is typically used in a deny by default approach when administrators would like to block access to the entire internet except for the websites on the whitelist.
Blacklist: A blacklist (aka a blocked list) is a list of the websites (domains), URLs, and ports that you would specifically like to block from your network. Manual blacklisting-only approaches are typically used when administrators want to allow access to the majority of the internet with a few exceptions.
Before manually configuring whitelists and blacklists, it helps to know the difference between a domain and a URL as they can be used in unique ways to further refine your internet filtering configuration.
URL filtering is best used to make unique refinements to an existing whitelist or blacklist. For example, if you are using BrowseControl’s Category Filtering feature to blacklist domains that pertain to specific categories you can make an exception for a specific URL by adding it to your whitelist.
Because of the substantial amount of websites on the web today, manually blacklisting websites simply isn’t enough to keep up. Internet filtering software with a category filtering database is designed to help network administrators manage their desired content restrictions more efficiently by allowing them to seamlessly block or allow millions of websites across hundreds of predefined categories in just a few clicks.
Category filtering is incredibly useful for blocking websites based on specific intents such as increasing productivity, preventing access to obscene content, and blocking access to websites that are known to be compromised by malware.
How to Use Category Filtering:
Port filtering blocks internet access using dedicated network port numbers that are standardized by the Internet Assigned Numbers Authority (IANA). Using port filtering, you can block access to network ports that are used for specific functions such as File Transfer Protocol (FTP), torrenting, and proxies.
While some content filtering technologies use keywords to identify potentially objectionable content, a keyword filtering approach often leads to false positives. This unintentional overfiltering of content based on keywords is known as the Scunthorpe problem; with keyword filtering in place any web pages related to Scunthorpe – an industrial town in Lincolnshire, England – will be wrongfully filtered.
This next section covers the general steps you can take to use a web filter in your company. If you would like personalized guidance and advice on how to use CurrentWare’s content control software BrowseControl to implement the best internet filtering for your organization, our expert technical support team is here to help.
Web and application filtering solutions are capable of much more than simply blocking websites and applications – the best internet filters come with a variety of features designed to provide you with the exact content filtering configuration needed to manage your network.
Features Included in the Best Internet Filtering Software:
As part of your internet management strategy, you can use internet monitoring in tandem with internet filtering. We’ve written a detailed overview of the different use-cases for internet filtering and monitoring in the past if you’d like to read more.
For the best results, many CurrentWare customers opt to use both methods to create a robust internet usage management ecosystem that addresses their policy enforcement needs while also providing valuable insights into how their workforce uses their organization’s assets.
Boston Centerless has made great use of CurrentWare’s internet usage management software by combining BrowseReporter’s internet monitoring with BrowseControl’s web filtering. They use BrowseReporter’s internet and application monitoring features to regulate the browsing habits of their employees and they use BrowseControl’s web filter to block access to websites that BrowseReporter has indicated as being commonly abused.
User context is important. What is considered an inappropriate website for one user may be required by another user to perform their work. Blocking social media is great for reducing distractions in the workplace, but if you block your marketing and public relations staff from accessing your organization’s social media accounts they cannot perform that part of their role.
With the wide variety of users connecting to your network, your web filter needs to include granular customizations for your blacklists. With BrowseControl you can configure unique software-enforced policies for each of your devices, departments, and users based on their exact content filtering needs.
If you have dozens, hundreds, or thousands of users to manage, manually installing the software agents for your web filtering solution will be a tedious task. CurrentWare supports advanced deployment methods for BrowseControl and the other solutions in the CurrentWare suite, allowing you to easily perform a remote client install for all of your users from the convenience of a centralized console.
Currentware Products Can Be Deployed in a Variety Of Ways:
Web and application filtering is an excellent tool for enhancing endpoint security, managing productivity, and preventing users from accessing inappropriate content. If you would like to start using content control software to manage internet and application use in your organization, reach out to the CurrentWare team today and we will give you a FREE trial of BrowseControl so you can see the power of content filtering first-hand.
If web filtering will be a part of your cybersecurity plan, you will get the best value by purchasing the entire CurrentWare suite. CurrentWare’s software suite includes solutions for USB device control, advanced computer power management, internet filtering, and computer monitoring.
All of CurrentWare’s solutions operate from a centralized console, making computer policy management for all of your users a breeze.