I try summarize shortly the reasons I collected on google for URL Filtering. I dont find the wikipedia page useful enough for that big topic.
On wikipedia it is a part of content-control: http://en.wikipedia.org/wiki/Content-control_software.
URL filtering is required to stop the users of an organization from accessing those websites that:
– drains their productivity during working hours (really poor reason, since the user finds another way to hang on the Internet)
– lets them view objectionable* content from work place (depends on filtering factors.)
– are identified as known malicious websites (strongest reason and the only security reason.)
– is bandwidth intensive and hence creates a strain on resources. (good enough reason.)
*here it is defined what objectionable actually means. It always depends on the local laws.
The URL Categories should be blocked according to one of the 4 reasons mentioned above.
The URL Filtering can depends on the 2 following decisions declared by IT Security responsible.
1. Filterings Strength:
- Normal blocking
2. Filterings Factors:
- Depends on the used type of the internet access. Is it a worker at the company or a customer how uses it?
- Reliability of the workers if Internet access is used for company workers.
- Reliability of the users if Internet access is used for customers.
- Morality and Ethics, Opinion in case of different view of management and worker. Which way to go?
- Morality and Ethics, Opinion in case of different view of Provider and Customer. Provider cannot decide alone, can loose Customers..
- Legal actions
- Religious, anti-religious, and political censorship in case of different view of Provider and Customer. Provider cannot decide alone, can loose Customers..
The biggest problem with URL Filtering is, as long as you enable ssl through your web proxy, you can spare any URL Filtering. This denies access for people how was born in a world without internet, but the new generation kiddies will find the way to access whatever they want.
What do you think of it?