Corporate web filtering :
Aimed at controlling and restricting access to online content, web filtering is becoming increasingly widespread in French companies. Setting up a system to filter out illegal websites and malicious content is highly recommended in order to :
- Promote employee productivity;
- Protect the sensitive data of the organization and its employees;
- Comply with applicable legal requirements.
Our guide to web filtering will not only help you understand the importance of URL blocking in business, but also help you implement a cybersecurity solution tailored to your needs:
- What is web filtering?
- Why install web filtering?
- Characteristics of a good web filtering solution
- Web filtering applications and best practices
What is web filtering?
Cybersecurity experts recommend the use of filters to prevent company employees from visiting certain websites. In principle, you're not against this solution, but you'd probably like to understand what website filtering actually involves before installing such a device in your company:
- How does it work?
- What are the expected benefits?
Technical definition
Web filtering works quite simply. A server, known as the filtering proxy, acts as an intermediary between a workstation and a destination website.
In concrete terms, when an employee wants to access an Internet site, the filtering proxy server analyzes the request. The proxy compares the URL of the site with a database in line with the company's filtering policy. Thanks to this database, which contains a list of malicious URLs, the proxy server authorizes or denies access to the requested website:
- If the URL is not in the database, access is authorized by the proxy, because the website is reliable and poses no danger;
- If the URL is present in the database, access is denied by the proxy, as the website is potentially malicious.
Web filtering objectives
Employees may perceive website filtering as a means of restricting their access to the Internet. To ensure that your employees accept this solution, it's essential to explain the ins and outs of URL filtering.
Employee productivity
When the first web filtering systems were developed, the main objective for companies was to prevent employees from visiting websites that could impact their productivity.
Today, this argument is less strong, because even if employees can't access certain websites from their workstations, they're not blocked on their smartphones. Today, therefore, site filtering should be seen as a means of helping employees to concentrate on their workstations.
Legal liability
Employers are legally liable when they make an Internet connection available to their employees in the workplace:
- If an employee downloads illegal content from his or her workstation (or other devices used to carry out his or her duties), the organization may be liable to criminal prosecution;
- If an employee uses the company's Internet connection to develop a malicious website, the employer is liable.
Cyber security
The main purpose of implementing website filtering is to improve corporate cybersecurity.
While surfing the Internet, employees may click on malicious links or visit websites prohibited by French law. All these actions can jeopardize the security of an organization's data and network infrastructure, which is why they need to be blocked upstream to prevent online threats.
Why install web filtering?
We've briefly touched on the objectives of online content filtering. Now let's look at each of the points in detail: what benefits will you gain from implementing a URL filter in your company?
Improve employee productivity
Is your company looking for ways to improve employee productivity?
Web filtering can be used to prevent your employees from visiting websites that have nothing to do with their work. These include distractions such as social networking sites like Facebook, streaming platforms like Netflix, and online gaming websites. If they are not distracted by these websites, they will be more productive in their work.
In reality, the benefits of website filtering need to be qualified.
Even if access to certain websites is blocked on your employees' workstations, there's nothing to stop them consulting them from their smartphones or any other personal device enabling connection to web content.
In addition to web filtering at the workstation, it may therefore be advisable torestrict the use of the telephone for personal purposes. However, this does not mean banning this device. In fact, under French law, employers must be tolerant of the use of cell phones for personal purposes. However, this use must be reasonable and not have a negative impact on the company. For example:
- The smartphone (or other device) can be used during the employee's breaks, but must be stored in a drawer the rest of the time in silent mode;
- Employees are not allowed to use the company wifi network on their mobile devices.
Special cases
To secure Internet access for teleworking employees, Olfeo offers a DNS filtering service. This service is also highly relevant for the public sector(local authorities, healthcare establishments) to optimize guest wifi security. Contact Olfeo to find out more about DNS filtering: our security service for uncontrolled devices and the Internet of Things. |
Ensuring compliance and legal liability
Let's take a look at the legal obligations of companies when it comes to providing Internet access:
- Companies are required to secure their IT systems and Internet access network against cyber-attacks and malicious intrusions in order to protect their employees' data.
- Article 6 of the French law on confidence in the digital economy (LCEN ) requires companies to set up filters and retain connection data for one year.
Here are our safety recommendations:
- Install website filtering, antivirus solutions and firewalls for optimum protection on all system devices;
- Keep network connection logs for one year;
- Allow reasonable smartphone use on the premises, but prohibit employees from using the company wifi network on their personal devices;
- Educate employees in good online practices (don't click on unknown links to avoid phishing, don't download an application onto the system without authorization to avoid malicious malware, etc.).
What are the legal risks of negligent security?
● Employers incur civil and criminal liability if they fail to secure their IT systems, in particular with content filtering tools. ● If an employee downloads a torrent - in other words, content that is illegal under the HADOPI law - their employer can be prosecuted under criminal law. ● If an employee uses the Internet connection to develop a malicious website, the employee can be sued under civil law. ● We invite you to discover our webinar led by our legal expert tobetter understand the legal implications of content access filtering. |
Strengthen your organization's cybersecurity
Website filtering ensures corporate cybersecurity by blocking a number of threats:
- Phishing: this technique is widely used by cybercriminals to steal sensitive information such as passwords or bank details. All it takes is for an employee to click on a link on a website, a fraudulent e-mail or a rogue application on social networks to give cybercriminals access to your company's sensitive data.
- Malware: viruses, ransomware and spyware are all threats that fall into the malware category. These malware programs can have a disastrous impact on companies that fall victim to them: theft of sensitive data, extortion of funds, service paralysis, etc.
- Access to websites prohibited by French law: sites hosting child pornography, content promoting terrorism or online platforms selling weapons are illegal. Company employees must not be able to access such content from the network.
Preventing and blocking access to malicious content (phishing, malware) is essential to protect both the company and its employees.
Characteristics of a good web filtering solution
It's essential to choose a powerful filtering solution to ensure corporate cybersecurity: if the filter lets through sites that could pose a problem, it's not effective enough.
If you're hesitating between several services to improve content access control, discover the advantages ofOlfeo: our solution adapts to the specific needs of your organization.
The url database
The web filtering system's database must be complete and up to date for control to be effective.
At Olfeo, our database contains over 20 million domains, corresponding to hundreds of millions of URLs. Be careful not to confuse domain and URL:
- com is a domain
- com/bonjour is a URL
- A domain may have a large number of URLs: some are legitimate, but others may be illegal, depending on their content.
The question arises as to whether 20 million domains are sufficient to enable employees to work in good conditions. In practice, our customers have told us that our filtering tool has a query recognition rate of 99.5%, which is more than enough to cover employee queries.
Naturally, our database is updated in real time. If you become an Olfeo customer, you'll also have the opportunity to add URLs unknown to our tool to the database: we study new classification requests with the utmost care.
Categorizing and customizing filters
Relevant categorization of sites is essential to ensure the quality of content filtering on the Internet. At Olfeo, we have a list of 9 themes and 100 categories.
This list of themes and categories enables companies to set up an effective filtering policytailored to the specifics of their business sector.
We also give companies the option of customizing filters, so that certain groups of employees can have access privileges that others in the company do not.
Web filtering applications and best practices
Are you considering using Olfeo to block web content accessed by your employees? Find out how to implement our solution to optimize security in your organization.
Key stages in implementing web filtering
Installing and configuring a web filtering solution on your network should not be left to chance.
If you opt for our software, we'll provide you with a practical guide to the successful technical implementation of our web filtering tool: every step is explained in detail.
Of course, our technicians can also help you implement our content access management tool: only precise settings will enable your organization to benefit from optimum protection.
User awareness and training
When a company integrates a web filtering solution into its IT system, it is imperative to take the time to educate and train its employees. The latter, having a better understanding of the benefits of the system, are less likely to resist its use.
Education on the filtering policy should also encourage responsible use of the Internet at work. To find the information you need to train users, Olfeo has produced a white paper that you can draw on. We also offer an e-learning platform, Olfeo Awareness, to help raise awareness of online security issues.
Filtering has become essential to protect your network from cyber-attacks, to ensure compliance with legal obligations, and to boost employee productivity. In such a context, the filtering solution must be chosen according to criteria of power and efficiency.
Are you considering investing in our website filtering tool to secure your network? Not sure which solution is right for your organization? Book a free consultation with one of our experts to assess your company's specific needs: we'll explain all the possibilities of our software and its many advantages!