YOU! And your employees. Like it or not, human beings are our own worst enemies online, inviting hackers, viruses, data breaches, data loss, etc., through the seemingly innocent actions taken every day online. In most cases, this is done without malicious intent – but if you as a manager or owner aren’t monitoring what web sites your employees are visiting, what files they’re sending and receiving, and even what they’re posting in company e-mail, you could be opening yourself up to a world of hurt.
That’s because employees’ actions can subject the company they work for to monetary loss, civil lawsuits, data theft and even criminal charges if they involve disclosure of confidential company information, transmission of pornography or exposure to malicious code.
One thing you can (and should) do is configure your firewall to document and monitor which web sites users are visiting. Almost all enterprise-level firewalls have this ability built in; you simply need to configure it and monitor the reports (something we can certainly help you with). But it’s up to you to set the rules, write it into an Acceptable Use Policy (AUP), TRAIN employees on what is and isn’t acceptable and then get them to sign the AUP.