Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label internet access. Show all posts

Enhancing Workplace Security and Productivity with Effective Web Filtering

 

Internet access is essential in modern workplaces but can lead to distractions and security risks. To combat this, many employers use web filtering to block websites deemed unproductive or inappropriate.

The primary goal of web filters is to maintain employee productivity by limiting personal internet use during work hours. Additionally, they aim to reduce cybersecurity risks associated with high-risk sites. As cybercrime increases and data breaches become more costly, employers are enhancing web security policies to protect their organizations.

To better understand web filtering trends, the aggregated data from NordLayer’s DNS filtering service was analyzed. This research, which does not include identifiable business or user information, reveals the most commonly restricted website categories, helping create secure and productive work environments.

How Employees Are Affected By Website Filtering

Restricting internet access is crucial for boosting cybersecurity and productivity. Our research identified that 72% of employers block malware and adult content sites, while 43% block gambling websites. These findings are consistent with other studies showing widespread internet restrictions in corporate settings. For instance, a survey found that 64% of employees reported their company used a firewall to limit web access, though 40% bypass these controls using mobile data.

A 2018 study indicated that web filtering increases with company size: 96% of large businesses with over 1,000 employees restrict at least one online service, compared to 92% of midsize companies and 81% of small businesses. The same study estimated that 58% of employees spend over four hours per week on non-work-related sites without filtering, with 26% spending more than seven hours weekly on personal browsing. This translates to significant productivity losses, with full-time staff wasting 26 paid days annually.

Why Businesses Should Consider Web Filtering

While web filtering is already widely adopted, there are compelling reasons for more organizations to implement it as part of their cybersecurity and acceptable use policies.

From a security standpoint, restricting access to malware sites and other high-risk categories is crucial. Malware infections can lead to data breaches, disruptions, and financial losses. With the rise in cybercrime, web filtering serves as a preventive measure.

Beyond security, unrestricted internet access can lead to legal liabilities if employees access inappropriate or illegal content using company devices. This can result in regulatory violations, harassment issues from explicit material, or data exfiltration through file-sharing services.

Productivity is another key factor. Limiting personal internet use during work hours helps minimize distractions and increase focus on job duties. These benefits make a strong case for integrating web filtering into cybersecurity strategies.

How To Properly Implement Web Filtering

Balancing secure and productive internet access requires careful implementation. While some may see content filtering as restrictive, it is becoming essential to protect networks, data, and devices. Proper configuration and clear use policies can create a safer online workplace without hindering legitimate business activities.

Finding this balance is crucial for maximizing the internet’s business utility while safeguarding critical assets. Overly restrictive filtering that blocks essential work resources or categories like social media can frustrate employees and disrupt workflows.

The best approach involves thorough planning and customizing filtering rules to align with an organization’s needs and culture. Flexibility for temporary access and whitelist approvals for legitimate business purposes is essential. Collaboration between human resources, IT, and security departments is necessary to develop and communicate reasonable use policies.

Monitoring and adjusting filter effectiveness are also important. As new cybersecurity threats emerge and business needs evolve, filtering rules may need updates. Employee feedback can provide valuable insights into potential overblocking issues..

Why Limiting Online Access Risks More Than Teen Safety



In the age of increasing online presence, especially amplified by the COVID-19 pandemic, the safety of young people on the internet has become a prominent concern. With a surge in screen time among youth, online spaces serve as crucial lifelines for community, education, and accessing information that may not be readily available elsewhere.

However, the lack of federal privacy protections exposes individuals, including children, to potential misuse of sensitive data. The widespread use of this data for targeted advertisements has raised concerns among young people and adults alike.

In response, teens are voicing their need for tools to navigate the web safely. They seek more control over their online experiences, including ephemeral content, algorithmic feed management, and the ability to delete collected data. Many emphasise the importance of reporting, blocking, and user filtering tools to minimise unwanted encounters while staying connected. 

Despite these calls, legislative discussions often seem disconnected from the concerns raised by teens. Some proposed bills aimed at protecting children online unintentionally risk limiting teens' access to constitutionally protected expression. Others, under the guise of child protection, may lead to censorship of essential discussions about race, gender, and other critical topics.

Recent legislative efforts at the federal and state levels raise concerns about potential misuse. Some proposals subject teens to constant parental supervision, age-gate them from essential information or even remove access to such information entirely. While the intention is often to enhance safety, these measures could infringe on young people's independence and hinder their development.

In an attempt to address harmful online outcomes, some bills, like the Kids Online Safety Act, could fuel censorship efforts. Fear of legal repercussions may prompt technology companies to restrict access to lawful content, impacting subjects such as LGBTQ+ history or reproductive care.

In some cases, laws directly invoke children's safety to justify blatant censorship. Florida's Stop WOKE Act, for instance, restricts sharing information related to race and gender under the pretext of protecting children's mental health. Despite being blocked by a federal judge, the law has had a chilling effect, with educational institutions refraining from providing resources on Black history and LGBTQ+ history.

Experts argue that restricting access to information doesn't benefit children. Youth need a diverse array of information for literacy, empathy, exposure to different ideas, and overall health. As lawmakers ban books and underfund extracurricular programs, empowering teenagers to access information freely becomes crucial for their development.

To bring it all together, while teens and their allies advocate for more control over their digital lives, some legislative proposals risk stripping away that control. Instead of relying on government judgment, the focus should be on empowering teens and parents to make informed decisions. 


 

 New Mexico Jail went on Lockdown due to Cyberattack

 

The Metropolitan Detention Center (MDC) in Bernalillo County, New Mexico, went on lockdown five days after the new year. In the wake of a ransomware attack, an Albuquerque jail lost access to its video feeds and its automatic door mechanisms were rendered ineffective. As a result, inmates have been confined to their cells as technicians work to restore service. The jail's internet connection has been knocked out by a ransomware attack, putting most of their data systems, security cameras, and automatic doors inoperable. While MDC personnel worked to get everything back up and running, inmates were confined to their cells. 
 
"Most county buildings are closed to the public," officials said shortly after the incident in a statement. "However, given the circumstances, county personnel are working remotely and will assist the public as much as possible. County system vendors are notified, and are working to resolve the problem and restore system functionality." 

The Metropolitan Detention Center in the state lost access to some of its most important security technologies, such as camera feeds and automated jail doors. For obvious reasons, the county was compelled to lock down the whole jail, confining all of the inmates to the cells for the time being. 

Ransomware is becoming one of the most serious dangers to both commercial companies and government institutions around the world. As more official and commercial businesses are conducted online, ransomware attacks, in which a hacker steals data from the victim or takes control of a computer system until a ransom is paid, are becoming more widespread. 

A township spokeswoman, Tia Bland, said workers had some luck getting MDC cameras to work over the weekend. Officials at the facility expressed optimism that additional progress would be made on Monday. Beginning Monday at 8 a.m., public access to the county headquarters at Alvarado Square will be restricted. Following this, companies and organizations are under a lot of pressure to pay up not only to get the company's data unlocked but also to avoid enraged clientele and authorities who issue severe warnings about giving money to criminals.

Multiple Vulnerabilities found in SATCOM internet access terminal Cobham EXPLORER 710



CERT/CC researchers found multiple vulnerabilities as they examined Satcom terminal Cobham EXPLORER 710 as an extension of IOActive’s findings in 2014. These new vulnerabilities could affect both the device and firmware.

These frailties could give attackers unauthentic access to sensitive information, control of the device, create or implant backdoor, DoS attack and more.

Cobham EXPLORER 710 is a portable satellite terminal, broadband global area network (bgan) through telephony. The device provides internet connection through satellite communications setting new standards for size, speed and features.

 EXPLORER 710 is a sophisticated communication tool for broadcasting, streaming and other IP based industry applications with a speed of 1 Mbps and higher. It is used in various sectors as Commercial aerospace, military defenses, space systems, SATCOM and more.

 The sat-com terminal, firmware version 1.07 is affected with 6 vulnerabilities listed below-

 • CVE-2019-9529 – Authentication Failure 

This failure arises due to the web portal having no authentication by default, this could lead to any attacker connected to the device to gain access to the portal and perform changes.

 • CVE-2019-9530 – Unrestricted Directory Access

There are no restrictions on access to the webroot directory, creating a liability as hackers can read, access or download any file in the webroot directory.

 • CVE-2019-9531 – Authentication Failure to port 5454 

This vulnerability allows attackers to connect to port 5454 through Telnet and execute 86 Attention (AT) commands, and gain illegal access.

 • CVE-2019-9532 – Text Data Exchange 

The web application portal passes the login password in cleartext, it could easily give way to miscreant to intercept the password.

 • CVE-2019-9533 – Default Login Credentials

The root password is the same for all devices, this could allow to reverse-engineer the password in all available versions.

 • CVE-2019-9534 – Validate Failure

According to CERT/CC researchers, "The device does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service."

Apart from the above gaps in security, the researchers also discovered some configuration issues, missing security headers and problems in default wifi password ( being same as same as serial number) which are gravely dangerous to the device and leave it susceptible to cross-site scripting and clickjacking.

 The researchers said they currently don't have any practical solutions to these problems.