Hurricane Posted February 24, 2011 Share Posted February 24, 2011 I have been getting some feedback from my staff concerning the amount of time that a Particular employee is spending on sites unrelated to their work, i.e. banking, facebook, tax preparation, etc. What would you recommend? I have included a poll for a summary. I was hoping for comments as to which of any particular kind works best as well. Quote Link to comment Share on other sites More sharing options...
Sparda Posted February 24, 2011 Share Posted February 24, 2011 You are looking for a technical solution for a non-technical problem. I suggest telling them that they should not spend the time some one is paying the for to do what they want but instead do what they are been paid to do. Quote Link to comment Share on other sites More sharing options...
Hurricane Posted February 24, 2011 Author Share Posted February 24, 2011 You are looking for a technical solution for a non-technical problem. I suggest telling them that they should not spend the time some one is paying the for to do what they want but instead do what they are been paid to do. I would love to deal with it that way. Unfortunately that has already been attempted and failed. Also, for fun they happen to be the child of one of our managers and the one closest to being our h.r. manager to boot. I need hard conclusive proof that a significant portion of time is being squandered. Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted February 24, 2011 Share Posted February 24, 2011 Evaluations of work productivity. That person and all persons should have a yearly or possibly more performance evaluation. Give bad evaluation, fire them. Also make sure it is within the bounds of the contract/procedure to terminate dependent on evaluation. Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted February 24, 2011 Share Posted February 24, 2011 I think what you should do is, implement a proxy server in your network to monitor what websites which user access and how often those websites are accessed. In addition you should write an internet usage police as well, stating reasons how the internet should be used during work hours. And if for any reason anyone fails to comply, you could give them a warning or block access to the website. Quote Link to comment Share on other sites More sharing options...
digip Posted February 25, 2011 Share Posted February 25, 2011 I think what you should do is, implement a proxy server in your network to monitor what websites which user access and how often those websites are accessed. In addition you should write an internet usage police as well, stating reasons how the internet should be used during work hours. And if for any reason anyone fails to comply, you could give them a warning or block access to the website. QFE I think that is an excellent idea and something that should have already been in place. If its a place of business and you give employees access to the Internet, you are already doing your business a disservice because of the inherit security risks associated with allowing people access to the Internet in general. There should not only be a usage policy in place they have to comply with, but also a security policy that is configured to safeguard the company from risk. At a minimum, block access to sites like Facebook and Myspace, and any third party game sites they may access through those sites as well. If they were compromised from visiting one of these sites and click a malicious link from a friend whom was also compromised, they might not be the wiser and click whatever they receive and in turn, create a backdoor into your companies network. As for keyloggers, its probably illegal, especially if they are accessing private things like a bank account. Same for screen grabs, although, probably not illegal if stated in your handbook, might get you sued if they found out you were accessing their private information, such as a bank account. If you need hard evidence, you can set up filters to notify you of the sites they visit and then report this to whomever needs the info, but I think keyloggers and screen monitoring, or even packet sniffing is going to become an issue. Statefull Packet Inspection on the other hand, takes the guess work out of the equation for you, and you should be able to implement something that tells you how many times say, site xyz.com was accessed, the day, and time, and what user. Especially if implementing a proxy where every user has to sign in to get access to the internet, you can monitor what sites they go to, and even put up messages in place of the pages that are restricted, which should tell them flat out, visit this site and you may be terminated. After X number of attempts, take action, such as being written up, suspended or eventually fired. Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted February 26, 2011 Share Posted February 26, 2011 I just remember that the other at work, every staff member had to sign off an internet usage agreement with the company. And the reason to that was due to staff members spending too much time surfing websites that was not work related like FaceBook or Youtube. Besides signing this agreement off they've also blocked access to the above websites. I mean if you really want your staff to do the right thing, you have to take the correct action and rectify this situation. Block the website and if someones tries to bypass it, give them a warning and if they don't want to listen terminate the employment. Quote Link to comment Share on other sites More sharing options...
wh1t3 and n3rdy Posted February 26, 2011 Share Posted February 26, 2011 I like websense for internet monitoring. Quote Link to comment Share on other sites More sharing options...
digip Posted February 26, 2011 Share Posted February 26, 2011 (edited) I like websense for internet monitoring. Is that something you have to install on each computer or does it sit on the edge of your network and filter traffic? Never used it, so I'm asking. Edited February 26, 2011 by digip Quote Link to comment Share on other sites More sharing options...
wh1t3 and n3rdy Posted February 27, 2011 Share Posted February 27, 2011 It sit's on the network and monitors the web traffic going in and out. http://www.websense.com/content/web-security-gateways-overview.aspx It reveals quite a lot, the CEO who left before I started was lucky he left when he did and the staff in place at the time did not run regular reports. You can put everyone through a proxy and capture it all, and they wouldn't know any better. Quote Link to comment Share on other sites More sharing options...
L1f3less Posted April 7, 2011 Share Posted April 7, 2011 So based on your comments I am unsure the level you sit at within your organization. Obviously you have reporting staff but the solutions which can be implemented will obviously depend on your level within your organization. As mentioned above a proxy server is a great solution to track basic and simple web traffic. If Social media is not a critical part of your teams role then I would suggest blocking those sites outright. Another solution might just to block Facebook, Youtube, Twitter Etc etc etc. all together organization wide. I myself am looking for a nice open source web & packet analyzer tool which can monitor the enterprise which I manage in real time. I am not personally interested in websense does anyone have other solutions which could work? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.