Finding tools to watch over Internet
use is no problem, but figuring out which one is best for
your needs requires extra attention.
By Tom Duffy
Network World, 09/11/00
Colin Morrison, vice president of IS for the Kitsap Community Central Credit Union, had a problem.
Plans called for the Bremerton, Wash., credit union to install Internet-accessible computer kiosks in 10 branches for customer Web banking demonstrations. But Morrison worried where Web surfers might wander. "My biggest concern was that little Johnny would come in with mom, and while mom was in line for the teller, he'd be surfing at hooters.com," Morrison says.
Morrison's concerns may have centered on the curiosities of youngsters, but they're much like those of many IT executives. IT folks are on the hot seat, charged with stopping illicit Internet and e-mail use. Fueled by corporate fear of sexual harassment and other liability potential, the market for (and buzz surrounding) 'Net monitoring tools grows daily.
A sampling of Web switches
Bill Gassman, an analyst for Gartner Group in Stamford, Conn., believes that nearly half of all companies now monitor Internet use. Meanwhile, market research firm IDC in Framingham, Mass., projects the market for Internet access control products will grow from $63 million in 1999 to $260 million by 2003.
Internet monitoring tools come in plenty of flavors. Some strictly provide reports on site visits without offering blocking capabilities. Others offer sophisticated policy engines that let administrators define Internet user access profiles, even by time of day. Network World recently reviewed
nine of these tools.
These tools are not interchangeable - choosing the wrong type can even create problems, such as breaches of confidentiality. Many Internet monitoring tool vendors provide user guidelines to help customers guard against problems. Some suggest Internet monitoring policies, for example, while others hand out case studies showing how companies have handled the complex issues surrounding tool use.
In his case, Morrison determined the right type of tool for his needs was one that let him strictly control access rights for user groups and individuals. He picked SurfControl from JSB Software in Scotts Valley, Calif. "If you try to go to a non-approved site, you're redirected to our home page," he says.
IT and beyond
Once monitoring tools are in place, IT managers need to guard against complacency, says Mark Schreiber, a partner at Palmer & Dodge, a Boston law firm. Offensive material can easily slip onto someone's screen as an e-mail attachment, but not many companies are monitoring e-mail traffic. That task typically requires additional tools as well as a subtler approach.
What's more, you've got to team with HR. Consider it mandatory as a way to protect yourself from potential bad buzz. "IT has to run the software. But someone upstairs has to be savvy enough on HR, technology and legal fronts to make decisions about what do with this material once spotted," Schreiber says.
IT managers also must learn not to be too stringent. At Kitsap, for example, Morrison is planning to install Internet-accessible terminals in company lunchrooms so workers can use their free time for activities such as making airline reservations or buying concert tickets. Users will have unlimited Internet access from those terminals. "Since it will be public, I'm hoping peer pressure will dictate where they go," he says. But just in case, SurfControl will be on the job.
Duffy is a freelancer in Haydenville, Mass.
