The internet is a vast and valuable resource for businesses, but it can also be a gateway to distractions, security threats and even malware. That’s where your firewall comes in, acting like your network’s security checkpoint. By configuring web filtering rules, you can control the flow of information and ensure your employees have access to the sites they need to be productive, while keeping out the ‘bad’ stuff.
Must-Block Categories
Let’s start with the obvious: certain websites should always be blocked on a business network. These include:
- Malware and phishing sites: These malicious websites can infect devices with viruses or steal sensitive data. Firewall filtering based on blacklisted domains or URL reputation can help keep them at bay.
- Gambling and adult content: These sites can be a productivity drain and potentially create a hostile work environment. Blocking them is a straightforward decision.
- Proxy and anonymiser services: These services can be used to bypass security measures, so it’s best to keep them out.
- Legal liability: These sites are things like criminal activity, illegal drug or software and hate and intolerance.
This table identifies the sites a business would likely consider blocking. It states the “parent categories” and the “child categories” that can come under them. Some need to be taken with a pinch of salt though as they pose a bit of a grey area, which we’ll come onto…
The Grey Area
When it comes to categories like social media and job hunting, the approach needs to be more nuanced. It’s really at your companies discretion whether you would like to allow access or not. These sites don’t cause harm, but they can impact productivity.
- Social media: Complete social media bans can be counterproductive. Consider allowing access to specific platforms for limited times or during breaks. You can also block specific social media features, like games or chat functions. You need to be mindful that there are employees who will need social media access to perform their roles i.e. those working in Marketing.
- Job hunting: While you probably don’t want employees actively browsing job boards on company time, allowing limited access during lunch breaks or designated times can be a good compromise.
Managing Exceptions: The Art of the “But…”
There will always be situations where a specific website needs to be accessible despite your filtering rules. Here’s how to handle exceptions:
- Create User Groups: Set up different access levels for user groups based on their roles within the company. Marketing might need access to social media platforms that wouldn’t be necessary for accounting.
- Define Clear Guidelines: Develop a company policy that outlines acceptable internet usage and the process for requesting exceptions. This ensures transparency and minimises disruptions.
- Regular Reviews: Periodically review your web filtering rules and adjust them as needed. The internet constantly evolves, so your firewall rules should too.
The Benefits of a Properly Configured Firewall
By taking the time to properly configure your firewall’s web filtering rules, you’ll reap several benefits:
- Increased productivity: Reduced access to distracting websites can significantly improve employee focus.
- Enhanced security: Blocking malicious sites protects your network from malware and phishing attacks.
- Improved compliance: Certain industries have regulations regarding internet usage. Proper filtering helps ensure compliance.
- Peace of mind: Knowing your network is protected gives you peace of mind and allows you to focus on other important tasks.
Remember, your firewall is just one piece of the security puzzle. For comprehensive protection, consider a layered security approach that includes employee training and endpoint security solutions.
Microsoft Defender’s Web Content Filtering
Systems like Microsoft Defender have intelligent features like web content filtering. Web content filtering is part of the Web protection capabilities in Microsoft Defender for Endpoint and Microsoft Defender for Business. Web content filtering enables your organisation to track and regulate access to websites based on their content categories. Many of these websites (even if they’re not malicious) might be problematic because of compliance regulations, bandwidth usage or other concerns.
Configure policies across your device groups to block certain categories. Blocking a category prevents users within specified device groups from accessing URLs associated with the category. For any category that’s not blocked, the URLs are automatically audited. Your users can access the URLs without disruption and you’ll gather access statistics to help create a more custom policy decision. Your users will see a block notification if an element on the page they’re viewing is making calls to a blocked resource.