Internet access is an undisputed business necessity these days. Managing that access is essential for all businesses -- especially with today's increasing regulatory requirements. The good news is that software and hardware solutions to block, monitor, or otherwise control employee Internet access have never have been better, but they must be balanced with legal, ethical, and related employee morale issues. This is a tightrope that IT must learn how to walk.
 |
 Jose Negron, technical director of Layton Technology |
The Problems Of Unrestricted Net Access
Employees spend an incredible amount of time on the Internet -- and often what they're doing is totally unrelated to their job. Jose Negron, technical director of Layton Technology, a developer of IT auditing and helpdesk software, cites a recent study by Salary.com and America Online that found that employees squander an average of two hours of company time per day online, at an annual cost of $759 billion.
Productivity isn't the only Net-access issue -- unsupervised employees are a prime target for spyware. According to Frank Cabri, VP of marketing at security solution provider FaceTime Communications, spyware costs enterprises $265 per user annually. He adds that during a recent three-month period, spyware threats quadrupled, and that recent polls show that two-thirds of IT managers name spyware as the top threat to their network security.
There's also a growing variety of apps -- including those for instant messaging, peer-to-peer file sharing, IP telephony, and anonymizing -- that employees can readily download and install without IT approval, all of which pose risk and some of which are actively malicious. FaceTime calls them "greynets." Cabri observes that such programs often evade network defenses using such techniques as port agility (jumping around among open ports) and encryption. He adds that users often don't realize their computers are being hijacked, and a malicious application may be downloaded via a seemingly harmless site.
 Source: FaceTime Communications Greynets Research Study, August 2005. Click image to enlarge. |
With the move to the cloud, CISOs must shift priorities from operating security programs to overseeing (monitoring and auditing) outsourced cybersecurity programs.
2022 was a boon year for IT salaries. 2023 came in like a beast with layoffs, raise freezes, and ChatGPT, but that beast has few teeth.
Age is only a number. Don't let a high number cancel your career.
