Most employees are required to agree to use the Internet responsibly and are made to sign an acceptable usage policy as part of their induction before being supplied with a user ID. The policies vary in their content from organization to organization, but typically prohibit individuals from using the Internet to access illegal material, visit websites containing pornography, or engage in online activities that have no work purpose. The policies detail prohibited uses and state the penalties if individuals are discovered to have abused their access rights.
For many businesses, this may be deemed to be sufficient. If policies are breached, there are serious repercussions for the individual. For most employees AUPs alone will be sufficient to stop Internet abuse. However, while a breach of AUPs could result in termination of a work contract or serious disciplinary action against an employee, the consequences for a business can be much more severe.
AUPs can cover employers and prevent legal issues resulting from inappropriate Internet use, but they cannot protect against malware and ransomware infections. The consequences of malware and ransomware infections can be considerable. Data can be lost or corrupted by malware, to confidential information stolen, used for nefarious purposes, or sold on the darknet to criminals. The financial and reputational consequences for a business could be catastrophic.
In the case of ransomware infections, the cost can be considerable. Earlier this year, Hollywood Presbyterian Medical Center experienced a ransomware attack that required a ransom payment of $17,000 to be paid to recover data. The costs of dealing with the infection even after the ransom was paid was considerable, not to mention the disruption to operations while data were locked. Full access to data was not regained for more than a week.
AUPs used to be sufficient to reduce risk – legal and otherwise – but today much more rigorous controls are required to keep networks secure. To manage the risk effectively, it is important to enforce acceptable usage policies with a technological solution.
The most effective way of ensuring AUPs are adhered to is to enforce acceptable usage polices with a web filtering solution. A web filter can be configured to ensure the Internet can only be used for activities that an employer permits. Controls can be applied to ensure that illegal websites are not visited or to block pornography in the workplace, or stricter controls can be applied to severely restrict access. Most importantly given the massive rise in ransomware and malware attacks, controls can be enforced to keep networks secure.
To find out more about the benefits of implementing a web filtering solution, how networks can be secured with WebTItan, and for details of pricing, contact the TitanHQ team today.