WaveNews - Company Blog

WaveNews™ - Company Blog

Product updates, press releases and the latest developments in Web-use management & employee Internet monitoring from Wavecrest Computing.

Requirements of an effective employee Web-use management program

Because managing employee Web use deals with humans and their actions, it is a continuous process for all sizes and types of businesses, where the goal is to ensure employees use Web access safely for productive, work-related purposes. To attain a high level of success, I believe that this process requires a Web-use management program be put in place that involves many key players in the organization, communication of the company’s Web-use policy, implementation of a reliable tool to monitor and control Web use, and other important activities. In this article, I will discuss the requirements of an effective employee Web-use management program and the activities involved that will bring about safe and productive Internet use by the workforce.

The key ingredient in an effective program is collaboration and communication among the various groups in the company, i.e., senior management, Legal department, IT personnel, HR personnel, department managers and supervisors, and employees. Communication would include IT keeping company stakeholders informed about current hacker threats, as well as HR apprising senior management of pertinent employee Web-use behavior. Collaboration would occur among HR, IT, and department managers in training the workforce. Collaboration would also take place between IT and department heads to select the appropriate Web monitoring and filtering tool.

If you don’t have one already, another necessity of a Web-use management program is to develop a sound Acceptable Use Policy (AUP) consistent with corporate culture. The AUP should describe acceptable and unacceptable Web-use behavior, i.e., company rules for what constitutes desirable, acceptable, unacceptable, and abusive use of the Internet and other network resources. The policy should also clearly state how compliance will be monitored and what the consequences will be to employees abusing the use of network resources. Does your company have an AUP in place that spells out the rules to your employees?

To ensure adherence to the Web-use policy, it should be clearly communicated to the entire workforce, including management, informing them of what is and what is not acceptable in easily understood language. You may also want to have employees acknowledge that they read and understood the policy through a signed acknowledgement. HR and management personnel should hold meetings with workgroups to answer questions and provide any additional information. This fosters open communication in the workplace and allows employees to be more engaged in proper Internet usage.

In addition to communicating the policy to all concerned, another requirement of an effective Web-use management program is training employees on how to use Web access productively and safely. Whether training is conducted or coordinated by HR or in collaboration with managers and other department personnel, training sessions should cover Internet usage and related subjects. Specifically, employees need to be made aware of what sites they are visiting and what they are clicking on the Web. The purpose of training should be to encourage proper, productive, and safe use of network resources while reinforcing the information in the AUP.

An important requirement of a Web-use management program is to use a reliable software tool that is designed specifically to monitor compliance with Web-use policies and proactively control Web access. The tool should also include a smart reporting engine that distinguishes between user clicks (visits) and unsolicited traffic (hits) and easily presents accurate and up-to-date Web-use data, identifying desirable Web usage as well as unacceptable use and trends. Does your tool include a Smart Engine that analyzes Web traffic to better interpret human behavior? Does it generate easy-to-read, manager-ready reports? Does it give details on employee Web use with drill-down reporting capability? These are key features of a Web monitoring and filtering tool that will benefit IT, HR, and department managers.

Another activity that is necessary is following up with corrective actions when inappropriate Web access is detected. With a policy in place, personnel oriented, the workforce trained, and your Web monitoring and filtering solution actively monitoring and controlling Web use, there are still more activities to do. The tool will inevitably reveal patterns of inappropriate use or disclose signs of outright abuse. These incidents will require attention by HR and management personnel. After identifying the problems, management can take appropriate follow-up actions, such as counseling employees, training or retraining workers, changing work processes, and revising or clarifying the AUP. Managers may also need to institute follow-up audits on individual users and, in worst case, take disciplinary action including termination.

The final element of an effective employee Web-use management program that I will cover involves the establishment of a continuous improvement process by the collaboration team, i.e., HR, IT, department managers, etc. In this process, there would be frequent reviews of employee Web use, new Web services introduced into the network, and new security threats, modifications of work processes, and appropriate revisions of the AUP. All company stakeholders would be involved. What other activities have been effective in your company in managing employee Web use?

Unauthorized Web use can degrade workforce productivity, impact network performance, threaten network security, and create legal liabilities. Any of these outcomes can seriously impact your bottom line. An effective employee Web-use management program is essential to prevent this from happening. If the responsibilities of an effective program are carried out well, misuse and abuse of network resources will be minimized without damaging workforce engagement and morale. Getting accurate, actionable information to all collaborators is a must, and the tool that you are using should be able to provide this information. Next time I will discuss how to get this information with reliable metrics generated by a reporting tool.

Read more of my articles on Web-use management on LinkedIn and the Wavecrest blog: WaveNews.

Collaboration with others and acquiring the right Web filtering and monitoring solution are critical in IT’s role in managing employee Web use

When it comes to a company’s Internet-connected network, the IT department or person is responsible for not only providing the right access to the Internet to employees, but keeping the company’s network and data secure. In order to do this, IT must invest time in examining the most suitable Web filtering and monitoring solution for the organization and implement it. Besides deploying firewalls, network security equipment, and data loss prevention tools to keep hackers out, IT also needs to keep all company stakeholders informed about the latest tactics being used by hackers to trick employees and compromise security measures put in place. In this article, I will cover why collaboration and input from others as well as the need for research and implementation of the right security equipment are important in managing employee Web use effectively in the organization.

Today, the biggest security threats are not from firewall breaches, but from trusted internal employees who are getting tricked into doing the wrong things, compromising all the well-planned and expensive security measures put in place by IT. To ensure productive and safe Internet access by all employees, actual usage needs to be monitored and controlled. IT needs to implement a reliable Web security tool that can monitor and report on Web use as well as control access to specific Web sites. This type of tool would help identify threats and attacks in the company’s network and also deliver accurate results in Web activity reporting. It would provide data that is easy to consume by all audiences in the company including department managers and HR personnel.

Another important IT task in managing employee Web use is granting the proper authorization to users and groups in the company. In so doing, IT can restrict access to Web sites based on need, to only sites that allow the employee to perform his/her job, or to only data associated with managers’ authorized users. With the right tool implemented, IT can also send easy-to-read reports directly to managers by manual distribution via e-mail or automatic distribution via scheduling. To make their job even easier, if the Web security tool includes a reporting-only access portal, IT, by only controlling portal access privileges, can grant self-service access to managers and HR, allowing them to run their own reports on their authorized groups without needing assistance.

As part of their role in employee Web-use management, IT must collaborate with all company stakeholders, i.e., senior managers, Legal, HR, and department managers. When IT is looking for an appropriate tool for these collaborators to use, it is important that the tool includes a Smart Engine that analyzes Web-use data in order to better interpret human behavior. The generated information can then be easily consumed by all including nontechnical personnel. IT would not need to massage or manipulate the data or be burdened by having to answer a lot of questions. The generated information would be best presented in easy-to-read, manager-ready, drill-down reports that give more detail on employees’ Web traffic. As part of this collaboration, IT should share pertinent information with HR and management when the Web filtering and monitoring product reveals patterns of inappropriate use. In this way, HR and management can determine the appropriate action to be taken.

Cyber attacks are growing in prominence every day targeting small and large businesses. On average, more than 4,000 ransomware attacks have occurred daily since 2016. 1 in 131 e-mails contains malware. As the number of malware types and variants continues to grow and evolve to bypass your antivirus program and other levels of protection, it is necessary for your IT team to keep well-informed of the latest hacker exploits and attacks, and put in place a secure Web filtering and monitoring solution to detect and block malware and other online threats.

An IT administrator that is on top of how network criminals operate and their latest techniques needs to communicate with HR to adequately protect the network from intrusion. Prompt communication of hackers’ latest tactics that focus on exploiting employees will help HR formulate a proper training and informational program on how to identify and avoid these types of exploits. IT can help HR flush out what they need to be training employees on, i.e., what to do and what not to do on the Internet. This type of training will hopefully help reduce the likelihood that an employee will open a suspicious e-mail or click unsolicited attachments in an e-mail if opened, and help to better ideed or unknown sites. Are your employees being provided with this training

IT plays a fundamental role in the proper management of employee Web use. Every year, hackers come up with new ways to trick users into giving up sensitive data, revealing credentials to their accounts, or clicking links to malicious Web sites. It is imperative that IT take the time to thoroughly research and implement the right Web filtering and monitoring tool to protect employees and the company’s network. It is also critical that this tool includes a Smart Engine to analyze the technical data and provide the necessary information on human activity. IT also needs to communicate the latest hacker tricks and traps to all stakeholders in the company, including HR and management, so that the workforce can be properly trained. Collaboration, communication, and training are essential to an effective employee Web-use management program. In the next articles, we will delve into the requirements of an effective employee Web-use management program, the importance of creating a well-designed Acceptable Use Policy, and other topics related to employee Web-use management.

Please let me know your thoughts on and reactions to this article and my questions by adding a comment. What challenges does your IT department or person face in managing employee Internet use effectively? Is IT communicating security vulnerabilities and exploits to your HR personnel, managers, and other company stakeholders?

Follow me on LinkedIn or read more articles on Web-use management on the Wavecrest blog: WaveNews.

HR is best suited to bring all company stakeholders together to ensure safe and productive Internet access

employee Web-use management

My discussion here is about the suitability of HR being the hub for employee Web-use management where all company stakeholders are brought together to ensure safe and productive Internet use by all employees. For one, HR’s expertise typically includes personnel policy, codes of conduct, labor relations, workforce training, legal compliance issues, and workforce morale, all of which relate to the employee Web-use management issue. Because of their expertise in policy, training, and processes, HR is in the best position to coordinate the tasks of proposing and developing solutions to ensure that employee Web use is properly managed. After all, Web-use management is not just an IT issue. It is all about employee behavior, productivity, and morale. What Internet-use people issues are you seeing in your company? How are you solving them?

Communication is key in HR’s collaboration with managers, IT, and employees in the company. Starting at the top of the company, HR can educate senior managers on the importance of employee Web-use management, get their input, and keep them involved. By collaborating with IT whose access to highly accurate Web-use reporting and filtering tools can produce easy-to-consume Web activity data, HR can keep upper management apprised of pertinent employee Web behavior. This allows HR to contribute to the organization’s profitability and help keep the company out of severe legal difficulty–important business objectives for senior managers.

As the focal point in the employee Web-use management effort, HR can also schedule Web-use training programs for managers and employees, coordinating with Legal, IT, or department managers who observe a need or have the specific knowledge to train the workforce. Training could include instruction on the proper use of network resources, how to recognize a phishing e-mail message, how to detect malware symptoms, how to recognize and report other online threats, and other Web-use topics. Essentially, training would teach employees how to use Web access productively and safely. In this way, all areas of the company play an important role in proper network resources and policy training that would have a significant impact on corporate Web security. Are these types of training programs taking place in your company?

 

Another HR task would be to communicate the company’s Acceptable Use Policy (AUP) to the workforce by providing it in writing or electronically, requiring a signature to indicate acceptance of the policy. If you do not have a policy, HR, in collaboration with IT, Legal, and senior managers, would be well-suited to establish a sound AUP consistent with your company’s culture. Once the policy is created, HR can work with functional managers and IT to ensure optimum implementation of the policy. As Web activity is analyzed over time, HR can revise the policy as necessary. Managers and HR would work together to ensure employees are complying with the Web-use policy. Along with managers, HR would be involved in specific cases of policy noncompliance.

In communicating the policy to the workforce, HR would focus on promoting the interest of the company as a whole, while helping to maintain or improve employee morale. Managing employees’ use of Web-access resources is a sensitive and complex task, one that involves communicating with all groups–senior managers, managers, IT, and employees–and deals with policy, training, and continuous improvement processes. With HR as the hub, the continuous improvement process would involve the frequent review of employee Web use, new Web services introduced into the network, and new security threats, as well as modification of work processes and appropriate revision of the AUP.

All areas of the company can help manage employee Web use effectively. In the next articles, we will examine more closely IT’s role in employee Web-use management, the requirements of an effective Web-use management program, developing a sound AUP consistent with corporate culture, and other topics related to the human factor of data security.

Please let me know your thoughts on and reactions to this article and my questions by adding a comment. If HR is leading the Web-use management efforts in your business, in what other ways are they collaborating with others in the company?

Follow me on LinkedIn or read more articles on Web-use management on the Wavecrest blog: WaveNews.

Managing employee Web use is a collaborative effort involving managers, HR, IT, and employees.

 

There is no doubt that the Internet is an integral tool in today’s corporate world. It is central to business processes with more and more employees utilizing this important corporate resource daily. Most likely, your workplace has seen a significant increase in Internet use or Web use, contributing to the agility, efficiency, innovativeness, and success of the business. However, many issues can arise with employee Web use if it is not properly managed. I strongly believe that employee Web use involves human behavior in the workplace, and the proper management of it is a collaborative effort involving managers, HR, IT, and employees. In this article, I will discuss the issues affecting companies today concerning employee Web use, and with each article thereafter, we will delve a little deeper into the solutions.

The first issue is that with employees spending a large portion of the workday on the Internet, for both personal and work-related purposes, businesses have reason to be concerned about the security of their corporate network. Employees can be subject to phishing scams, end up on malicious Web sites, and unknowingly download infected files, jeopardizing the security of their system and the company’s network. Are your employees security aware? Do they know how to recognize online threats and how to report them?

Another issue is that with the tremendous increase in surfing the Web at work–between one and three hours a day on personal business–employees can waste considerable work time. Wasted time represents a reduction in workforce productivity and efficiency and consequently, unnecessary cost. Additionally, employees can waste time on legitimate but unproductive Web site visits. This waste can stem from flawed business strategy, poorly designed processes, or misguided supervisory direction. Do your managers have the accurate information they need on their employees’ Web activity?

Employers also have concerns about where their employees are going on the Internet. Unfortunately, one of the most serious forms of Web-access abuse involves the downloading and displaying of pornography. This is a huge issue from the standpoint of workplace liability, where the legal liability primarily takes the form of a sexual harassment lawsuit filed by an employee who has inadvertently or deliberately been exposed to pornographic images downloaded by another employee.

If you are allowing your employees to access the Internet, you must have an Acceptable Use Policy (AUP) that spells out what type of Web activity is acceptable, what type is not acceptable, and the consequences of engaging in the latter. The AUP should reflect the corporate culture. If you don’t have one, who should create this policy and ensure that employees adhere to it? If you do have a policy in place, do your employees know the policy and how to use Internet access properly?

For all of these people-oriented Web-use issues, clearly HR personnel are the professionals best equipped to take the lead in developing and implementing employee Web-use management efforts, collaborating as required with IT, and along with managers, training employees on the use of network resources. IT can deploy firewalls and network security equipment, but is not equipped or trained to deal with the larger issue of keeping your trusted workforce from compromising the security measures in place.

Managing your employees’ use of the Web is all about employee behavior, productivity, and morale, and the resolution of the above issues involves matters of policy, training, and compliance. In the next articles, we will explore HR’s role in the collaboration effort, IT’s role, the requirements of an effective Web-use management program, and other topics related to keeping your employees and network safe.

Please let me know your thoughts on and reactions to this article and my questions by adding a comment. Who is leading the people-oriented Web-use management efforts in your business? Is it a collaborative effort with multiple departments or just an IT-focused task?

© Copyright 1996-2018 Wavecrest Computing. All Rights Reserved.

Trusted Worldwide

Call toll-free: 1-877-442-9346
International: 001-321-953-5351
"When I seek out a company to provide a product or service, I want it all -- a great product, a great price, a salesperson that is responsive and treats me like I am their only customer, and technical support that is intelligent, easy to access, and easy to understand. Wavecrest meets all of these criteria."

-Karleen Carlson, IT Manager, Van Diest Supply Company
LEGAL PRIVACY | © Copyright 1996-2018 Wavecrest Computing. All Rights Reserved.
Facebook Twitter Linkedin Blog Google+ YouTube Knowledge Base