Many years ago, it would seem ridiculous that people would be allowed access to the internet. I worked in a Police headquarters and no hardware was allowed direct access to the internet, even sending an email was a complicated process routed through a special X-400 gateway to a Police email system.
Nowadays access to the internet is seen more as a human right than a bonus and there can’t be many places which don’t allow some sort of internet access to their work computer. Yet it means there are a myriad of problems that are associated with this sort of access. What websites are allowed? How much access is ok, it’s obviously not good to allow all day Facebook browsing!
These situations can be extremely challenging particularly for smaller companies without Human resource departs or IT managers. If you leave internet access unfettered, you’re leaving yourself open for not only abuse of the system but also running the risk of viruses and malware hitting your internal network. Most people will use internet access responsibly especially when they are at work but there’s always an exception or two.
This is why it’s essential for any employer to set out the rules and responsibilities of using the corporate network for any sort of digital transactions. Without stipulating the boundaries you can have all sorts of problems dealing with people who abuse the system. They don’t have to be draconian – most employers allow reasonable use of the internet in breaks and dinners hours. After all we’ve all got bills to pay and shopping to do and much of this can done online.
Obviously employees shouldn’t visit any site involved in violence, hate, pornography or any extremist views and it is best to enforce this through a content filter which will block access. This will stop most people accessing content like this plus it’s good to ban things that will take up too much time or flood the network. Most advanced content filters will block media sites and methods like using a Smart DNS for Netflix as the targets will be identifiable through reading the packet data.
For users using such sites a simple notice or email reminding them of the Acceptable Use policy is probably the best approach. If you lock down the browser and computer settings this stops the temptation of accessing sites by using DNS routing or proxy servers. Make sure you apply any restrictions to all the browsers installed on the company PCs and don’t let users install new ones.