Manage risk the right way with network Internet control

The first thing that comes to mind when discussing network Internet control is usually how the administrator can make sure that users are visiting legitimate websites. Secondly, most administrators would be running regular virus scans of any file(s) downloaded from websites to ensure that none of these is infected with malware.

Both approaches to network Internet control are valid and necessary, but they are not the only actions that could (or should) be taken.

Employees use the Internet for several reasons and each of the services that they use (and they are numerous) poses a level of risk to the security of the network and its users.

Take Instant Messaging (IM) as a perfect example. IM can be a very useful tool for a business; when used at a corporate level it can substantially cut communication costs when teams are spread out across geographical locations. Using IM, employees can quickly and efficiently share data.

However, as with everything else, great tools can be abused or used improperly. Unrestricted IM access could result in cyberslacking and employees spending more time chatting with friends than focusing on their work (this can happen with colleagues – discussing the latest sports results).

Users can use it to transfer files which could be potentially malicious or a legal liability for the company . Employees could also abuse the service to leak confidential information outside the company.

It is also important to have a network Internet control policy – and a solution to go with it – that clearly states how IM should be used in the organization. If IM is not a required tool, the networking Internet control system should block it.

If the organization needs IM to conduct business, then the Internet control solution should allow the use of a particular IM service while blocking access to all the others. The solution deployed should also be able to intelligently detect protocols and not simply block the relative ports because these can be changed.

This is not the end of the story. There are other factors, such as bandwidth consumption, that drive the need for a network Internet control solution. Streaming media, for example; this can impact negatively on bandwidth availability and quality of service.

Often, unrestricted access to streaming media can result in hefty bandwidth costs. Also, steaming media can cause considerable delays for more mission critical Internet services that require the bandwidth which is being consumed by employees streaming videos.

A good network Internet control solution should detect and block streaming media – allowing the organization to enforce its Internet policies as required. This will, in addition to saving the organization bandwidth costs, also potentially protect the company from legal liabilities that usually arise from the streaming of copyrighted content and/or offensive material. Streaming media, when left unchecked, can be a major source of cyberslacking.

Every organization stands to benefit when it has, and implements good network Internet control policies and solutions. The direct and indirect cost savings will often be enough to show that the solution deployed is a strong investment and not an expense with little ROI.

Factor in the security side of network Internet control into the equation and you can see why these systems are essential for an organization.

SHARETweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Pin on PinterestDigg thisShare on RedditShare on TumblrShare on StumbleUponEmail this to someone

Emmanuel Carabott CISSP heads security research at GFI Software. He has over 12 years’ experience in the security field and is a regular contributor to several websites and blogs. For more information about the benefits of using email usage reporting.