While the development of networking technology has improved the way businesses operate, this has also led to an increase in social and legal complications as a direct result of staff noncompliance with IT policies and abuse of Internet access at the workplace. Staff members who do not comply with IT policies have the potential to cause problems with:

Webpage access: Staff members might access terrorism websites, prompting disruptive investigation by legal authorities.

Outbound speech: Staff members might deliver their own opinionated speeches via an enterprises’ network at will. For example, they might publish (or browse) pornography, play online games, or post politically-sensitive speeches or confidential company information on discussion groups, blogs, and other sites, posing a legal risk to the enterprise.

 

File uploading: Staff members might use company networks to upload pornography or other illegal content to the Internet, resulting in criminal proceedings and corporate penalties.

 

File downloading: Staff members might neglect copyrights and illegally download copyrighted papers, software, audio, and video files. These activities can have serious ramifications for the business.

 

Email usage: Staff members could send or receive terrorism-related email, imposing significant legal and political risks on the enterprise.

Currently, many IT management departments do not have appropriate, consistent countermeasures against the abovementioned types of behaviors for the following reasons:

 

Too much information: Staff members often deliver posts, upload files, and receive/send emails on the company’s network, and IT departments lack the resources to manage such a high volume of information, even if they want to. Adding to the difficulty is the fact that there are too many sites of a pornographic, political or potentially illegal nature on the Internet (most of which are encrypted) making network access management even more difficult.

 

Lack of identification: Currently, enterprises lack the means to effectively identify specific users when staff members use the Intranet to access the Internet. As a result, if any staff member violates laws on the company’s network, IT managers cannot pursue those responsible. Invariably, authorities seek justice, but businesses are unable to provide detailed and direct evidence regarding the responsible party’s involvement and IT management departments can end up being the scapegoat.

 

Bypass Legal and Political Risks
How can businesses strike a balance between the effective and legal usage of network applications and the need to curtail related legal and political risks? SANGFOR IAM products can help enterprises reduce or eliminate legal risks from improper network behaviors, by stopping them at the source.

 

SANGFOR IAM products offer unique human intelligence and artificial intelligence tools to provide IT management staff with the ability to identify, categorize, and manage trillions of websites. In addition, SANGFOR IAM provides comprehensive webpage recognition abilities so that IT supervisors can effectively block illegal websites (including those that are encrypted).

 

Now, with the help of SANGFOR IAM, IT management staff can manage outbound information, guaranteeing outbound information is legal. For example, IT management staff can mitigate the political and legal problems that arise from Internet group postings of sensitive, inappropriate, or illegal communications, by setting up constraints that are based on targeted keywords.

 

SANGFOR IAM products include independent data centers which enable businesses to store extensive network application logs and meet the documentation requirements of relevant laws and regulations. In addition, each independent data center provides superior reporting and alarm functions, allowing network systems to automatically check violating behaviors, immediately avoid the risks of improper network behaviors, and reduce management staff workload.

 

SANGFOR IAM products offer a solution that does it all: Pre-event recognition (webpage identification), in-event management (outbound information management) and post-event follow-up. For the first time, business owners can have a set of tools that will allow them to realize full control over internal network access behaviors and avoid the social and legal risks of improper Intranet network usage.