Developing a policy for blocking websites in the workplace
While the Internet is an invaluable resource in the workplace, it is also a resource that may be easily abused by employees when no clear rules of usage are set and enforced. One solution 65 percent of businesses in the United States are already using to prevent such abuse is to block the access to specific websites in the workplace (according to a 2008 survey published by AMA). To develop an effective policy for blocking websites in the workplace, a business has to design a clear Acceptable Use Policy (AUP) and choose what type of Web-filtering software it will use.
Acceptable Use Policy (AUP)
The AUP is the foundation of any policy for blocking websites in the workplace and is the document through which the business communicates to its employees the measures that it takes to prevent abusive Internet usage. It clearly defines what constitutes acceptable usage of Internet in the workplace and what constitutes an abuse, as well as the restrictions that will be applied and what are possible exceptions. A good AUP should answer the two main questions that are explained below.
What is abusive Internet usage and why?
Abusive Internet usage in the workplace ranges from reading external blogs to online shopping, spending hours on gaming or social media websites or watching pornography. While the visits to some of these websites are probably an abuse in any workplace, others are legitimate in some workplaces. For instance, some workplaces may require employees to access social media websites, while others would consider this an abuse. Thus, deciding on what constitutes abuse and what is acceptable usage heavily depends on the individual characteristics of each business. The resulting decision and the arguments behind it should be clearly stated in the AUP.
What restrictions will be applied?
To prevent abusive Internet usage, a business can choose to apply different restrictions such as blocking a list of websites, blocking whole categories of websites or just monitoring Internet access and reporting any abusive usage. In addition, the AUP should clearly state how these restrictions will be applied and whether there are any groups of users that are excepted or whether there are any time intervals in which the restrictions do not apply (such as during the lunch break or outside working hours).
Choosing Web-filtering software
To actually implement the restrictions described in the AUP, the business usually relies on a Web-filtering software. Any such software usually implements one or several of the four main methods of Web filtering: content scanning, artificial intelligence, blacklist or deep packet analysis.
Types of Web-filtering software
The content scanning method blocks Web pages that contain certain words from a predefined list. The artificial intelligence method does the same, but it automatically updates its list of words with new ones and with combinations of words. The blacklist method simply blocks the websites that are listed to be blocked. Finally, the deep packet analysis blocks websites that use a certain technology such as video streaming, Flash or ActiveX. Each of these methods has its own drawbacks and advantages, and the choice has to be made taking into account which method better fits the type of restrictions that the business wants to implement and the resources that are available.
Conclusions
Blocking the access to certain websites in the workplace is a usual approach that businesses take to prevent Internet usage abuse. This requires the design of a clear and comprehensive AUP defining what is considered abusive usage and what are the restrictions the business wants to enforce, as well as any exceptions to the general rules. The next step is usually to select one of the Web-filtering solutions based on the advantages and drawbacks of each method, the type of restrictions desired and the available resources of the business.



