Webroot Update Tracks Employee Usage Violators, Bandwidth Trends

The latest version of Webroot's Security Service adds bandwidth trend tracking, both overall and for employees attempting to violate company usage and security policies.Along with security Software as a Service (SaaS), the latest iteration of Webroot's Web Security Service includes Web activity reports designed to make bandwidth monitoring and management simpler and, as far as security goes, make clear which employees are seeking to violate company Web access and usage policies.

The introduction of the bandwidth and usage reports is a natural add for a cloud-based service company such as Webroot. And as your business relies more and more on bandwidth, both for services coming in and business outreach headed in the other direction, getting a precise fix on your bandwidth patterns and problems will play an increasingly large role in both your connectivity and your security posture.

Whether you acquire it from Webroot or not, this sort of information about your business's usage patterns and aberrations speaks directly to certain security concerns that should be addressed by:

Policy that clearly defines what employees are allowed to do/explore/participate in on the Web. Tools that wall off, blacklist or otherwise restrict certain types of Web sites and content. Monitoring and reports that identify violations and attempted violations.

The key to all of this is that strong usage policy, which should be written, and which employees should sign and date.

In this environment, and particularly with the Web so much a part of people's non-work lives, there will be employees who violate the policy or try to in order to indulge the Web activities they desire. Some of these violations or bypasses, once you become aware of them, may well cause revisions and reconsideration of your policy -- not all employee Web usage is bad or even non-productive.

But repeat offenders seeking to access blocked or prohibited Web content, or draining your bandwidth through huge P2P downloads are security risks who are a) flagrantly violating company policy (d'oh!) and b) if they're brazen enough or dumb enough (or both, simultaneously) to openly flaunt the rules you've put in place, who knows what else they're up to and how sloppy or malicious they are while they're up to it? Their behavior may not be criminal -- probably isn't, at least not deliberately -- but could put your business information at risk and, if you're subject to compliance regulations, expose you to fines and penalties.

Webroot's positioning of the bandwidth reports as a policy enforcement tool is smart business -- be interesting to know how many of its SMB customers actually have written usage polices in place, and how many actually enforce them.

The company's Web Security Service update includes weekly and monthly vulnerability tests for several hundred of the most common weaknesses and holes in "operating system, Web browsers, browser plug-ins, Microsoft Office suite, media players, instant messaging software and various third-party solutions."

A free trial of Webroot's Web Security Service is accessible here (registration required).