Cyber slacking is a term used when employees use their work internet connection for personal reasons for excessive amounts of time. Cyber slacking can cause a number of problems, from the obvious loss of productivity to legal liability as well as virus infection.
Employees browsing the web during working hours are not just a productivity issue; such employees might download illegal music and/or software or visit disreputable sites which will try to infect their visitors with Trojans.
However, there are a variety of ways to handle cyber slacking within an organization:
Tools can be employed to monitor the internet activity of users. Reports can then give an accurate picture of what sites an employee has visited and how much time the employee spent browsing. This method is not really ideal because while it is adequate to tackle an employee’s time wasting it can be too late for other security related issues, such as a malicious site infecting the victim’s computer with malware. By the time the administrator gets to review the report and discovers one of the employees has been visiting sites known to infect visitors with malware, the infection would likely have already happened and had ample time to spread.
More advanced tools will not only monitor and record user activity but take action depending on the monitored data. Some advanced tools also allow for classification of web sites as this would allow an administrator to really tweak the system for optimum effect. Website Classification coupled with scheduling can also help maintain employee morale which could be negatively affected when implementing such measures.
Setting up policies that would always block malicious sites but allow access to news, social networking and gaming sites during the employees’ break would secure the business against security threats, prevent cyber slacking yet still allow employees to access work unrelated sites during their free time.
Proactive monitoring would be the next step after active monitoring. Such a system would not only monitor but also take action depending on what it encounters. The system would scan downloaded files for any viruses, block certain types of files as well as drop connections that are not allowed – for example, instant messaging with people outside the company. Advanced systems can also detect attacks being transmitted through the networks and proactively stop them.
One thing to always keep in mind is that even when using advanced systems such as proactive monitoring it is still important to keep an eye on reports. No system is infallible and users are generally resourceful and sometimes manage to find workarounds or visit sites that are not yet correctly categorized. Keeping an eye on the logs would make sure the Administrator identifies these instances and takes prompt corrective action.