Even the best-made defenses for your IT infrastructure can easily be breached if they are created without taking into account the possibility of human error. A single visit to an infected site by an employee can endanger not only that individual’s machine, but the entire corporate network. Allowing unrestricted access to the network can affect day-to-day performance, and even lead to important data leaking out. Therefore, many companies impose restrictions on access to sites that are unrelated to work; this is done to ensure both productivity and security. Control over employees’ online activities must be simple to implement and manage; to ensure tangible security, it must function on all work computers – including those used outside of the office. The Web Control technology available in Kaspersky Endpoint Security 8 is a reliable, flexible solution that is also easy to deploy.
Blocking or restricting access to websites is one of the most popular IT admin approaches: according to a survey carried out by Kaspersky Lab and B2B International, 56% of all companies do this to some extent. Most commonly, staff are barred from accessing sites which might distract them from their work. For example, 71% of companies block online gaming. In 50% of cases the business limits or completely blocks access to file exchange services.
Security policies governing web access must also take account of the specific working conditions that exist in the departments of a company. After all, if a blanket ban is imposed on social networks, how can social media specialists do their jobs? Employees in charge of staff recruitment also use social networks to gather information about candidates. Therefore, all employees need to be grouped according to their job responsibilities, and dedicated security policies must be applied to each specific group. Web control can create such groups, and even impose (or relax) individual rules for specific employees.
Establishing appropriate rules on corporate web gateways is one of the most common methods of restricting online activity. However, this method is useless when staff go on business trips, or use a laptop outside of the office. The more people work from home, the less effective this technique becomes. The Web Control system in Kaspersky Endpoint Security 8 for Windows enforces security policies regardless of an employee’s location and the types of network connection he/she is using.
To ensure that security policies remain flexible, Web Control can block access to specific sites or restrict access to certain categories of sites. The latter option is easier to use: it is sufficient to disable access to a certain type of online resources in the program’s settings. The lists of sites in each category are updated automatically. When required, Web Control can block sites based on an analysis of their contents. This is useful for dealing with sites that have yet to appear on the blacklist, such as mirrors of previously blocked sites.
Kaspersky Endpoint Security 8 can be integrated with Microsoft Active Directory; if your company uses Microsoft Active Directory to identify user groups and differentiate access rights, it is not difficult to add new web resource access rules. Scheduling offers extra flexibility: for instance, you can enable access to social networks for those who work remotely, and only outside of working hours.
A proper IT security operation not only controls access to online resources from office computers, but also protects your company from malicious websites. Every three months, Kaspersky Lab detects more than 800,000 infected online resources all over the world. Access to such sites must be blocked, and lists of such sites must be kept up to date. As well as restricting access to certain categories of online resource, Kaspersky Endpoint Security 8 blocks malicious sites, detecting them using both heuristics and real-time data from our cloud-based security system Kaspersky Security Network.
Click on the infographic to learn more about Web Control.