WaveNews - Company Blog

WaveNews™ - Company Blog

Product updates, press releases and the latest developments in Web-use management & employee Internet monitoring from Wavecrest Computing.

Show cyber threats who is boss in 2018.

Last year went by so fast. In between everyone’s normal busy schedule, most of us had to deal with natural disasters of some kind. For us at Wavecrest, it was Hurricane Irma as well as an above average rainy season. For others, it was Harvey and Maria, as well as fires, flooding,  earthquakes, remnants of storms causing wind damage–the list last year seems to be endless.

2017 also brought on some notable cyber events with the Equifax breach as one of the top incidents. 2017 was definitely a year for the books. You may have also noticed a shift in the business digital threat protection messaging. We at Wavecrest noticed . . . because it shifted to what we have always focused on. People.

People are a big part of the cyber threats that take place in businesses. No matter how automated things are, there is always the aspect of human interaction–human vulnerability. Humans inherently have vulnerabilities. It’s not a fault of one individual over another; it’s not about how good your employees are. There is a point where a business owner, manager, or decision-maker has to come to terms with managing Web use for the sake of the business over “my employees wouldn’t do that” or “I trust everyone working for me.” It may be true that you have the most trustworthy employees, but mistakes happen . . . even to the best of us. Cyber criminals focus on the easiest route first to gain access to your systems. Many times this is the employee, or human, vulnerability.

So . . . the new year is here. What can be done to improve managing employee Web use? The key is to make sure you pay attention to the human endpoint because it is not always about a failure in the actual technology. The firewall is great but if you have a weakness with an authorized user, the hacker will get past the firewall. Defend the human endpoint.

Consider these as a starting point and build on each or all!

  • MONITOR YOUR EMPLOYEES’ WEB USE! Sorry. It had to be said. If you do not know what is happening, you will not be able to know why, when, or where it happened. And you will not be able to make an informed decision on how to stop it from happening again. Remember that many times the human error that allowed for a breach may have been habitual or reactive so the employee’s memory of how it happened may not be very clear. Make sure to have visibility into the actual Web activity.
  • Analytics. Really another part of monitoring but noted separately due its importance and the flexibility of what you should be able to view and analyze. Find a Web activity solution that allows you to see relevant, drill-down data when you need it. Trends, customizable charts, by user or group, and real-time information on activity and bandwidth use are all things you should be able to analyze easily. All will allow you to expose abnormalities in user activity, identify potential insider threat behavior, flag possible legal liability issues, assess trends for data breach exposure, and observe patterns for lost productivity.
    • Hits versus Visits. This one deserves a sub-bullet. Make sure the Web-use management solution you choose has clearly defined Hits vs. Visits. Hits consist of unsolicited traffic, such as ads, and are not a reliable tracking metric on its own. Visits give you uncluttered, relevant Web activity detail based on user clicks and are a critical component to understanding human behavior. The last thing you want to do is try and sift through a bunch of data that is not even really relevant to the employee’s actual Web activity.

  • Filter. Yup . . . another suggestion that has the “but my employees are awesome” stigma to it. BUT let me just remind you that this is something that will provide another layer of security from phishing, malicious Web links, and data loss. I got your synapses firing now, don’t I! Filtering allows you to block or restrict URL link clicks that an employee may not be aware are malicious. Hackers have become increasingly precise in how things look. Very convincing e-mails and Web links are not rare anymore; they are commonplace. It is not really all about making sure your employee isn’t streaming YouTube all day. Although that should be managed as well, it should all be under your control. Allow it, don’t allow it, throttle it, or open it all up. The solution you choose should allow you to do it all, in your own customizable way.

The point is that the human endpoint is still a leading way threats get into your network. It may be through phishing, a malicious ad, or use of a unsanctioned cloud application, or it may even be a human error such as the delay of updating software. Whatever the issue, you have to be as proactive as possible to protect your network. Educate your employees continuously, have a comprehensive Web activity solution in place, make sure your Acceptable Use Policy is current, make sure patch management is an active process, and hug your IT people regularly because they are usually some of the busiest and stressed people in your organization.

Here is to showing the cyber criminals who is boss in 2018! Happy New Year!

About Wavecrest

Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

Take the mystery out of employee Web use and gain pertinent insight into your business.

 

We are all seeing how business operations are continuously becoming more digitally driven. Many operations that were done on a desktop are now cloud- or app-driven. The connection to the Internet is a constant, and since your employees need that access to be productive, managing that connection should be a priority. Small businesses are finding that this access not only centralizes their operations and data but also can save them money. But they are finding that the amount of data being produced makes it impossible to find the relevant information needed. Looking at the employee-Internet relationship should be on the top of your checklist.

There are things that a Web-use management solution should provide, such as allowing a business to easily filter and control access, use white and black lists, and set time limits. But one of the biggest benefits that many times can be overlooked is the ability to access easy-to-use smart analytics and reporting tools. A filtering solution is great, but if it lacks a way to collect and correlate useful, pertinent data, then all that it is doing is restricting employees, causing frustration and potentially reducing productivity. With detailed reporting and analytics, managers can open up the usefulness of the Internet while knowing they still have the control to keep the business running smoothly and safely.

Look for the Web-use management solution that provides:

  • Drill-Down, Interactive, Forensic-Level Detail – A complete view of every link a user clicks, the exact search terms entered by a user, their search time, and more.
  • Ad Hoc and Scheduled Reporting – The information you need . . .  right when you need it.
  • Smart Reporting – Intelligent, timely, and cogent reporting on all aspects of employee Web usage.
  • Hits Versus Visits – Clear, uncluttered detail based on user clicks versus unsolicited traffic.
  • Manager Access – IT-controlled access for managers and HR allowing them reporting access without the need for IT assistance.

Analytics and reporting tools allow you to take the large amount of Web-use data your employees are producing and make sense of it. This data should tell you who, where, and when about the Web usage. Allowing you to see anomalies, activity peaks, bandwidth usage, and more, this visibility helps you plan and secure your network, data, and employees.

Don’t feel like you’re in need of tarot cards or tea leaves to know what is happening within your business.

About CyBlock

CyBlock Web-Use Management Suite makes more sense of all your Web-use data with CyBlock’s comprehensive monitoring and reporting features. CyBlock is available in Cloud, Software, Appliance, Mini Appliance, and VM deployments to fit any business size or industry.

About Wavecrest

Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

It is holiday shopping time again! Cyber Monday is now more like Cyber Month!

With Thanksgiving right around the corner, we all know what is coming–Cyber Monday–the big day (now it is more like a month!) for personal employee Web use! More than ever before, businesses are open to employee use of the company Internet for personal use such as snagging some holiday deals. But what does this really mean for daily business operations? That depends.

There are definitely cyber risks associated with the season of shopping–malicious ads, phishing e-mails with malicious Web links, and slow bandwidth, to name a few. Paying attention to your employees’ Web usage is crucial. It is up to you whether you allow shopping on your network. If you do, there are steps you should take to manage this naturally vulnerable human endpoint.

  • Filter
    • Filtering allows you to reduce risks from malicious URLs in ads, phishing, etc. . . . employees are your weakest link. Train them continuously but also make sure there is a Web filtering solution in place to allow you to manage the Web use the way you see fit.
  • Manage Bandwidth Usage
    • This time of year employees may be doing things such as watching a video review of the latest in tech toys for their kids. Make sure your mission-critical operations are not affected. Configuring bandwidth limits by user-defined thresholds and setting trigger alerts will help you make sure you don’t have unnecessary bandwidth hogs slowing your business down.
  • Monitor Web use
    • Visibility means everything. With the right monitoring solution, you can easily analyze employee Web-usage trends, make sure your Acceptable Use Policy (AUP) is being followed, and get actionable, relevant detail when you need it.

These are only a few of the things that you can do to help reduce the risks associated with employee Web use all year long. Remember that human vulnerabilities are a leading cause of most network breaches. Focus on the human endpoint. Take the time to keep training employees, enforcing your AUP, monitoring, analyzing, and filtering.

At this time of year, you can feel good about allowing your employees some freedom to research or snag some holiday gift deals. Have a comprehensive employee Web filtering and monitoring solution in place, and enjoy your holidays even more knowing you are proactively managing employee Web activity!

About Wavecrest

Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

CyBlock/Cyfin Release 9.2.8 Now Available

Release 9.2.8 consists of improvements for both Cyfin and CyBlock. For Cyfin customers, a filter allows you to log only relevant data into the syslog, keeping the syslog file at the smallest possible size. Cyfin customers also have the ability to delete only raw syslog log files from disk to help reduce the risk of running out of disk space. For CyBlock customers, changes to IP/domain exceptions in your PAC file configuration can be synced with your cloud account in a Hybrid deployment.

For both products, the product disk usage and the available disk space are displayed for your information on the Server Information screen. Also, the calculation of Hits and Visits has been updated to be more precise. These and other enhancements are highlighted below.

  • Syslog Log File Configurations (Cyfin)
    • After enabling the syslog server, the Syslog Filter field appears which is prepopulated with the default value format based on your syslog configuration. It is used to log only the pertinent data into the syslog and not all the data that is being sent.
  • Log File Removal (Cyfin)
    • The ability to delete only raw syslog log files from disk has been added. You can manually delete or schedule a deletion of the files either at the current time or at the default scheduled time.
  • PAC File Sync (CyBlock Appliance, CyBlock Software)
    • Any IP/domain exception changes to the PAC file configuration are now automatically or can now be manually synced with your CyBlock Cloud account in a Hybrid deployment.
  • Server Information
    • On the System Status – Server Information screen, the product disk usage and available disk space are now displayed. The available disk space shows the amount of free space remaining out of the total drive space.
  • Hits and Visits Calculation
    • The hits and visits calculation has been enhanced by evaluating additional information from the log records.
  • Java Runtime Environment
    • The version of JRE was updated to the latest with all security and performance fixes.
  • System Status Messages
    • The Event Log and Profiling Log screens have been updated to allow Technical Support to view legacy or new messages.

To see the full release notes for your product, visit our Web site or knowledge base. You can upgrade to the latest release by going to the Help – Check for Updates screen in your product.

For additional assistance, please feel free to contact us.

Is your business’ human operating system secure?

Everyone is worried about operating systems, whether it is network operations, business operations, or a desktop operating system. The functionality of these intricate parts of your business are critical. But have you thought about your employees and how they operate? Today, your human operating system needs to be more than just making sure your employees are doing their job. Human vulnerabilities are a primary target for cyber criminals. Your human operating system, or the human factor, needs to be manageable and efficient, with tools in place that proactively support an open, yet secure, digital work environment.

Insider threats can be found at the top of headlines almost every day. Listen carefully to what each event tells you. It can happen to you, no matter how big or how small your business is. You don’t have to be a government organization to be susceptible to an insider threat. Insider threats can be a malicious employee who may be upset at the company, a good employee who just makes a mistake, or a targeted employee who unknowingly allows a malicious user into the network or access to proprietary data. Whatever the cause, there has to be tools in place to combat these human factor Web-use risks.

The human factor in business Web use is complicated in many ways. Hackers target natural human vulnerabilities and mistakes happen, employees can be sensitive to being singled out or afraid to admit the mistake, and fully blocking all access in today’s digital work world will likely just limit productivity and upset employees. The key? Visibility into the human factor. See how and when your employees use their Internet access. With that visibility into Web-use detail, you can then manage the usage to fit your unique business needs and gain a comprehensive, proactive way to secure and protect your business.

Securing and managing your enterprise’s human operating system in a proactive and efficient manner will help reduce cyber risks, such as phishing, malware intrusions, ransomware, data loss, employee misuse, legal liabilities, bandwidth hogs, shadow IT, and more. Find a solution that fits your business and your budget. Make sure it is flexible, easy to use, and easy to manage, allowing you to secure and shape employee Web-use–on your terms.

About Wavecrest

Wavecrest has over 20 years of proven history of providing reliable, accurate Web-use management and Advanced Log File Analyzer products across various industries. Managed Service Providers, IT specialists, HR professionals, Forensics Investigators, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage the human factor in business Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Trusted by large government and commercial organizations such as US-CERT Homeland Security, U.S. Department of Justice, USPS Office of Inspector General, National Grid, Johns Hopkins, and a growing list of global enterprises and government agencies. We are a proud long-term GSA contract holder. For more information on the company, products, and partners, visit https://www.wavecrest.net.

© Copyright 1996-2018 Wavecrest Computing. All Rights Reserved.

Trusted Worldwide

Call toll-free: 1-877-442-9346
International: 001-321-953-5351
"When I seek out a company to provide a product or service, I want it all -- a great product, a great price, a salesperson that is responsive and treats me like I am their only customer, and technical support that is intelligent, easy to access, and easy to understand. Wavecrest meets all of these criteria."

-Karleen Carlson, IT Manager, Van Diest Supply Company
LEGAL PRIVACY | © Copyright 1996-2018 Wavecrest Computing. All Rights Reserved.
Facebook Twitter Linkedin Blog Google+ YouTube Knowledge Base