Which Websites are Your Employees Visiting?

Thursday, August 19, 2010

Simon Heron


At Network Box, we scan and monitor urls as part of our managed service for the companies we work with, putting us in a great position to track trends in which sites are most visited at work, and which ones use the most corporate bandwidth.

Why worry about what employees do on the internet during their breaks at work?

Businesses need to protect their bandwidth. Run low on bandwidth and you’ll soon be unable to download content. Our latest figures reveal that YouTube, a website which places a huge drain on bandwidth, is responsible for 10.2 percent of corporate bandwidth usage.

Add Facebook, which uses another 5 per cent of bandwidth and 15 per cent of available corporate bandwidth is used by websites that are probably not being used for business purposes.

Malware is another issue that businesses could face when they permit their employees to use social networking sites. In our sample, Facebook alone received over one billion hits from people at work between April and June 2010, this represents a significant risk of corporate networks coming into contact with viruses and phishing attacks on the site.

Of course, some businesses may wish, or even encourage social network use for business reasons, in which case measures need to be taken to ensure that network security is not compromised. (See our securing social media series of guides for further information on how to achieve this).

However, Google, which is the second most visited website whilst at work – and probably for work related purposes, has been suffering a malware problem of its own with malicious links appearing in the search results.

It’s abundantly clear that managers need to ensure that business networks are fully protected against internet threats. This means:

-    Staying on top of the latest trends in online communication, to know what security is required.
-    Implementing and enforcing an internet usage policy.
-    Educating employees about the risks that they are likely to encounter online.
-    Budgeting for expert advice, training, personnel and solutions to keep the network protected 24/7.

The survey tracked 14 billion URLs and 225,000 GB of bandwidth usage between April and June 2010.

The top five websites (by the number of hits) visited from business addresses in Q2 2010 were:

1.    Facebook  7.2%
2.    Google  3.9%
3.    Yimg  (Yahoo’s image server)  2.9%
4.    Yahoo  2.3%
5.    Doubleclick  1.6%

The top five websites ranked by the bandwidth they use were:

1.    YouTube  10.2%
2.    Facebook  5%
3.    Windows Updates  3.2%
4.    Yimg (Yahoo’s image server)  2.9%
5.    Google  2.5%

Cross-posted from NetworkBox

Possibly Related Articles:
Enterprise Security
Post Rating I Like this!
sophie J well, facebook maybe one of those sites, employees always visits. It's the most-used social networking sites nowadays. Users can add people as friends and send them messages, and update their personal profiles to notify friends about themselves. Additionally, users can join networks organized by workplace, school, or college. Facebook hoaxes have abounded this week. Today Facebook warned users about a new clickjacking scam that milks $5 a week from mobile phone accounts by exploiting Facebook's "Share" feature. It seems that Facebook has let the clickjacking scam and dislike scam emerge together. These hoaxes try to use, much like the clikejacking scam of last May, buttons that aren’t actually there. Typical red flags to notice and recognize are how Facebook users can keep away from these hoaxes.
Mister Reiner Conserving bandwidth is certainly an important issue, but I think a greater concern is that employees will be tricked into visiting Websites containing malware.

Another concern that many people may not be aware of, is that some Trojans use RFC compliant HTML-based covert channels to communicate with a hacker's home base. Hackers often operate out of Websites that look harmless enough, but are really command and control centers and repositories for stolen data.
Simon Heron Web 2.0 applications are going to be a major attack vector in the coming year. Companies will have to look carefully at how they manage access to them.

Danny Lieberman Simon - good point - the more people use "Web 2.0 apps" and the more Javascript the apps use (and gmail and FB are basically 100% JS apps) there will be more vulnerabilities and new exploits which traditional web filtering - I believe - will not be able to deal with easily - since they use human weaknesses to run the exploit.

I think that network DLP which was originally tasked for data leakage can play a very important role here - since DLP is independent of the rights and URL management systems a company has

The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.