Web filtering in the workplace

protection, productivity, and compliance

Aimed at controlling and restricting access to online content, web filtering is becoming increasingly widespread in companies in France. The implementation of a system to filter illegal websites and malicious content is strongly recommended in order to:

To promote employee productivity;
To protect the sensitive data of the organization and its employees;
To comply with applicable legal obligations.

Our guide to web filtering will help you better understand the importance of URL blocking in business, as well as how to implement a cybersecurity solution tailored to your needs:

What is web filtering?
Why implement web filtering?
The characteristics of a good web filtering solution
Web filtering application and best practices

What is web filtering?

Cybersecurity experts recommend implementing a filter to prevent company employees from visiting certain websites. In principle, you are not opposed to this solution, but you would probably like to understand what website filtering really entails before installing such a system in your company:

How does it work?
What are the expected benefits?

Technical definition

Web filtering works in a fairly simple way. A server, known as a filtering proxy, acts as an intermediary between a workstation and a destination website.

In practical terms, when an employee wants to access a website, the filtering proxy server analyzes their request. The proxy compares the website's URL with a database that complies with the company's filtering policy. Using this database, which contains a list of malicious URLs, the proxy server authorizes or denies access to the requested website:

If the URL is not in the database, access is authorized by the proxy, as the website is reliable and poses no danger.
If the URL is present in the database, access is denied by the proxy because the website is potentially malicious.

Web filtering objectives

Employees may perceive website filtering as a measure designed to restrict their Internet access. To ensure that your employees accept this solution, it is essential to explain the ins and outs of URL filtering to them.

Employee productivity

When the first web filtering systems were developed, the main objective for companies was to prevent employees from visiting websites that could impact their productivity.

Currently, this argument is less compelling, because even if employees cannot access certain websites from their workstations, they are not blocked on their smartphones. Today, website filtering should therefore be seen as a way of helping employees to focus on their work.

Legal liability

The employer is legally liable when they provide their employees with an Internet connection at the workplace:

If an employee downloads illegal content from their work computer (or other devices used to carry out their duties), the organization may face criminal prosecution.
If an employee uses their company's Internet connection to develop a malicious website, the employer is liable.

Cybersecurity

The main objective of implementing website filtering is to ensure cybersecurity within the company.

When surfing the Internet, employees may click on malicious links or visit websites that are prohibited by French law. All of these actions can jeopardize the security of the organization's data and network infrastructure, hence the need to block them upstream to avoid online threats.

Why implement web filtering?

We have briefly discussed the objectives of online content filtering. Let's now take a closer look at each of these points: what benefits will you gain from implementing a URL filter in your company?

Improve employee productivity

Web filtering can be used to prevent your employees from visiting websites that are unrelated to their work. These include distractions such as social media sites like Facebook, streaming platforms like Netflix, and online gaming websites. If they are not distracted by these websites, they will be more productive in their work.

In reality, the benefits of website filtering must be viewed in a nuanced way.

Even if access to certain websites is blocked on your employees' workstations, nothing prevents them from viewing them on their smartphones or other personal devices that allow them to connect to web content.

In addition to web filtering on workstations, it may therefore be wise to regulate the use of phones for personal purposes. But be careful, this does not mean banning the device. According to French law, employers must be tolerant of personal cell phone use. However, this use must be reasonable and not have a negative impact on the company. For example:

Smartphones (or other devices) may be used during employee breaks, but must be stored in a drawer in silent mode at all other times.
Employees are not permitted to use the company's Wi-Fi network on their mobile devices.

Special case

To secure Internet access for remote workers, Olfeo offers a DNS filtering service. This service is also highly relevant for the public sector (local authorities, healthcare institutions) to optimize guest Wi-Fi security. Contact Olfeo to learn more about DNS filtering: our service for securing unmanaged devices and the Internet of Things.

Ensuring compliance and legal accountability

Let's take stock of companies' legal obligations regarding the provision of Internet access:

Companies are required to secure their IT systems and Internet access networks against cyberattacks and malicious intrusions in order to protect their employees' data.
Article 6 of the Law on Confidence in the Digital Economy (LCEN) requires companies to implement filters and retain connection data for one year.

Here are our safety recommendations:

Implement website filtering systems, antivirus solutions, and firewalls for optimal protection across all devices in the system.
Keep the network connection log for one year;
Allow reasonable use of smartphones on company premises, but prohibit employees from using the company Wi-Fi network on their personal devices.
Educate employees on good online practices (do not click on unknown links to avoid phishing, do not download applications onto the system without authorization to avoid malicious malware, etc.).

What are the legal risks in the event of negligence in securing data?

The employer is liable under civil and criminal law if they fail to secure their computer system, in particular with a content filtering tool.
If an employee downloads a torrent, in other words content that is illegal under the HADOPI law, their employer may be prosecuted.
If an employee uses the Internet connection to develop a malicious website, their employer may be sued in civil court.
We invite you to discover our webinar led by our legal expertto better understand the legal implications of content access filtering.

Strengthen the organization's cybersecurity

Website filtering ensures cybersecurity for businesses by blocking a number of threats:

Phishing: this technique, widely used by cybercriminals, involves stealing sensitive information such as passwords or bank details. All it takes is for an employee to unwittingly click on a link to a website, a fraudulent email, or a malicious application on social media to give cybercriminals access to your company's sensitive data.
Malware: viruses, ransomware, and spyware are threats that fall under the category of malware. This malicious software can have a disastrous impact on the companies that fall victim to it, including theft of sensitive data, extortion, service paralysis, etc.
Access to websites prohibited by French law: websites hosting child pornography, content promoting terrorism, or online platforms selling weapons are illegal. Company employees must not have access to this content from the network.

Preventing access to malicious content (phishing, malware) and blocking it are essential for protecting both the company and its employees.

The characteristics of a good web filtering solution

It is imperative to choose a powerful filtering solution to ensure corporate cybersecurity If the filter allows potentially problematic sites to pass through, it is not effective enough.

If you are unsure which service to choose to improve content access control, discover the advantagesof Olfeo: our solution adapts to the specific needs of your organization.

The URL database

The web filtering system database must be comprehensive and up to date for the control to be effective.

At Olfeo, our database contains over 20 million domains, which corresponds to hundreds of millions of URLs. Be careful not to confuse domains and URLs:

com is a domain
com/hello is a URL
A domain can have a large number of URLs: some are legitimate, but others may be illegal depending on their content.

One might wonder whether 20 million domains are sufficient to enable employees to work in good conditions. In practice, our customers have told us that our filtering tool has a query recognition rate of 99.5%, which is more than enough to cover employee queries.

Of course, our database is updated in real time. If you become an Olfeo customer, you will also have the option of adding unknown URLs from our tool to the database: we carefully review all new classification requests.

Filter categorization and customization

Relevant categorization of websites is essential to ensure high-quality content filtering on the Internet. At Olfeo, we have a list of 9 themes and 100 categories.

This list of topics and categories enables companies to implement an effective filtering policy tailored to the specific characteristics of their industry.

We also give companies the option to customize filters: this means that certain groups of employees can have access privileges that others in the company do not have.

Web filtering application and best practices

Are you considering using Olfeo to block web content that your employees have access to? Find out how to implement our solution to optimize security in your organization.

Key steps in implementing web filtering

Installation and settings fora web filtering solution on the network should not be left to chance.

If you choose our software, we will provide you with a practical guide to successfully implementing our web filtering tool: all the steps are explained in detail.

Of course, our technicians can also assist you in implementing our content access management tool: only precise settings will enable your organization to benefit from optimal protection.

User awareness and training

When a company integrates a web filtering solution When implementing a new IT system, it is essential to take the time to raise awareness and train employees. Employees who better understand the benefits of the system are less likely to resist using it.

Education on filtering policies should also encourage responsible use of the Internet at work. To find the information you need to train users, Olfeo has produced a white paper that you can use as a resource. We also offer an e-learning platform, Olfeo Awareness, which facilitates awareness of online security issues.

Filtering has become essential for protecting your network from cyberattacks, ensuring compliance with legal obligations, and promoting employee productivity. In this context, the filtering solution must be chosen based on criteria of power and efficiency.

Are you considering investing in our website filtering tool to secure your network? Are you unsure which solution is best for your organization? Make an appointment for a free consultation with one of our experts to assess your company's specific needs: we will explain all the features of our software and its many advantages!