Cutting down on Internet abuse at work

The Internet is proving to be a useful and very accessible tool for businesses. Many companies provide employees with access to the Internet.But let's face it, we all know that a lot of web surfing during working hours is not work related. Looking up a work-related news story easily leads to checking the baseball standings or a movie review.

By Matthew Bellm September 1, 1998

The Internet is proving to be a useful and very accessible tool for businesses. Many companies provide employees with access to the Internet.

But let’s face it, we all know that a lot of web surfing during working hours is not work related. Looking up a work-related news story easily leads to checking the baseball standings or a movie review. It will only take a couple of seconds, right? A couple of seconds is no big deal in the greater scheme of things. The problem is when the seconds turn to minutes then add up to hours. And it’s not always baseball scores people are looking at either.

Elron Software (Cambridge, Mass.) a developer of Internet security software recently completed an independent study on Internet usage and abuse at work. The results show that 62% of companies in the study report that employees accessed sexually explicit web sites at work; 93% report they have or are considering policies formally defining acceptable Internet usage; 27% of the companies have taken action against abusers, including verbal warnings, written reprimands, payroll deductions, and termination. More details are available on the Elron web site at surf-abuse.elronsoftware. com.

Internet abuse causes productivity losses, increased Internet security costs, unnecessary load on networks, data security problems, and risk of civil and criminal liability, according to the Secure Internet Filtering Technology (SIFT) Consortium of the International Computer Security Association (ICSA, Carlisle, Pa.)

Some companies attempt to curb the abuse of Internet privileges by limiting access to employees who provide written justification for using the Internet. These sorts of policies often turn into bureaucratic nightmares. Employee work requirements change, and while one day they may not really “need” the Internet, a project could come up where the Internet would be a source of valuable information. If they don’t have immediate access, they can lose productivity.

So, how do companies deal with Internet abuses? Formal corporate access policies that define appropriate Internet use at work are a start, but they have to be enforced. The ICSA recommends using Internet filtering and monitoring software to manage net access. Filtering tools actually block access to certain web sites, newsgroups, and other Internet resources. With filtering, companies can compile lists that either limit or block access to specified resources. Filtering can weed out some prime time-wasting sites, but with millions of sites on the web, it’s hard to catch them all. These software packages also provide monitoring capabilities that track where people go when on the Internet.

Gordon Ross, president of NetNanny Software International (Vancouver, British Columbia, Canada) says in the SIFT guide to managing Internet access, ‘People are more cautious when their Internet use is monitored.” The guide provides an example where one company publicly posted usage of the 25 users who accessed the Internet the most. Another company posted the traffic by departments. Hopefully, companies will not use monitoring and filtering software by implementing KGB-style “Big Brother is watching you” policies. Stringent monitoring can waste different corporate resources. But people will be more conscious of how they use and abuse their Internet privileges if they know they could be held accountable.

The SIFT Consortium certifies Internet filtering and monitoring software. Its certification process includes checking that software appropriately blocks and monitors, cannot be circumvented, does not disable desirable Internet functions, and produces accurate activity logs and reports. Details on certification are available at www.ncsa.com/services/consortia/sift/certification.htm .

The NCSA SIFT document “Managing Employee Internet Access: A Guide for Creating and Administering Corporate Access Policy with Monitoring and Filtering Software” provides an overview of the problems of Internet policy abuse and sample Internet access guidelines. The guide can be downloaded from the NCSA site at www.ncsa.com .

Author Information

Matthew Bellm, internet editor mbellm@cahners.com