Software Keeps Tabs on Web-Surfing Employees
The same technology that parents employ to keep their children from viewing online pornography is now being used by companies to control employee access to the Internet. Whether that’s a good thing depends on the culture and needs of each business.
Spyglass Technologies (https://www.surfwatch.com), which publishes SurfWatch filtering software, recently launched SurfWatch Professional Edition. The company calls it “a sophisticated Internet filtering solution that restricts non-work-related Internet access during business hours.” The software is designed to help companies control recreational and personal Internet use.
SurfWatch also provides a free “CheckNet” service that gives companies a confidential report on the extent to which their Internet traffic coincides with SurfWatch’s filters. Companies typically find that between 7% and 27% of their traffic goes to sites that are generally not appropriate for business use, SurfWatch general manager Michael Sears said.
The software is designed to be used in conjunction with a company’s “Internet-acceptable-use policy,” Sears said. An acceptable-use policy is basically a set of rules that help employees determine what online behavior is acceptable at work. Such a policy “doesn’t have to be a tome,” Sears said. “It can be a few pages or even one page.”
By using the same type of filtering technology built into the home version of SurfWatch, the software monitors employee use of the Net and, depending on how it is configured by the employer, prevents employees from visiting certain types of Web sites that could interfere with productivity, tie up Internet bandwidth or violate company policies.
While SurfWatch’s home edition focuses primarily on sites that contain sexual, violent or hateful material, the professional edition allows employers to cast a much wider net by providing tools for “productivity filtering.”
To that end, the software can be used to deny employees access to sites in such areas as astrology and mysticism, games, entertainment, travel, news, job searches, investment, hobbies and more. In other words, anything an employee might want to do that’s not directly related to his or her job.
Access levels can be defined on the basis of the time of day or day of the week. You could, for example, give users access to a wider level of material after 6 p.m. or on weekends. You can also define different levels of Internet access for different individuals or groups in the company.
A human resource department, for example, could have access to job search Web sites that might be off-limits to other employees. The chief executive could have unlimited access and still restrict what others can do.
The software won’t run on systems with a modem connection to the Internet; it requires either a Microsoft or Netscape proxy server or a Check Point firewall. SurfWatch Corporate starts at $1,000 for a 50-user license.
SurfWatch isn’t the only filtering company to address the business market. CyberPatrol, which is published by Learning Co. (https://www.cyberpatrol.com), was also developed to help parents control children’s online access. CyberPatrol Corporate is now available to control employee access.
The software contains what the company calls its CyberNot list of sites that are inappropriate for children, as well as lists designed to keep employees from having too good a time at the office computer. Blocked sites are divided into categories “so that companies can designate access to specific content categories according to the time of day.” For example, an employer could permit access to entertainment sites during the lunch hour or after hours.
Both CyberPatrol Corporate and SurfWatch Professional can also be used to keep track of employee use of the Internet so you can look at it later. Sears doesn’t recommend that SurfWatch be used to monitor individual behavior, but rather to get aggregate data to determine if the company or a part of the company is having a problem.
WinGuardian from Webroot (https://www.webroot.com) monitors all Windows and Internet activity so you can also tell what programs and Web sites an employee has used.
Several other packages can perform similar tasks, and you can learn about them at a site I operate at https://www.safekids.com. But the first question you should ask is not what program you need, but whether you need one.
To be sure, there are real issues here. Employees who waste company time or resources on non-work-related activities can become a drain on the company. There is also the question of exposing fellow employees to inappropriate material that could even lead to a harassment lawsuit. Just as it is inappropriate to pass around certain materials at work, it is inappropriate for employees to be viewing certain material on company computers, especially if other employees may be unwittingly exposed to that material.
There are also resource allocation issues. If Internet bandwidth is used for downloading pornography or making personal travel reservations, it could mean slower access for employees doing work.
Nevertheless, a moderate amount of employee use of the Internet for personal business isn’t necessarily a bad thing. Just as most employers tolerate a certain amount of personal phone calls at work, it may be perfectly acceptable for an employee to use a company PC to make personal travel arrangements, book a dinner reservation, check a stock portfolio or read the newspaper.
Rather than rely on technology to solve what is basically a people problem, a better solution might be to have a group of employees draft an acceptable-use policy so that everyone knows what is and isn’t acceptable use of office computers and the Internet.
Companies should also draft a privacy policy so that employees know whether or not the company reserves the right to monitor their e-mail or Internet use. Courts have found that it is legal for companies to monitor employee e-mail or Web use, but it’s common courtesy to let employees know the policy in advance so they won’t feel betrayed if the boss ever does check their mail or Internet activity.
As with everything else, your first task should be to find out if you have a problem and, if so, the least intrusive way to handle it. If that doesn’t work, maybe your business is a candidate for some stringent rules and software to enforce them. Otherwise, you might be better off relying on a couple of things you can’t buy from a software company: open communications and a healthy dose of trust.
*
You can e-mail Lawrence J. Magid at magid@latimes.com and visit his Web site at https://www.larrysworld.com. On AOL use keyword LarryMagid.
