Friday, March 24, 2017

Web Protection Part 1: Defining the Need

Recently the Web Protection feature of the MSP Remote Monitoring and Management Cloud Dashboard underwent some changes. Namely, gone are the day of the old Web Monitoring plugin that really only captured browser traffic. Given the advent of many applications accessing the internet, the Web Protection module now acts as a direct filter to the network interface and captures all traffic bound for the internet. This fundamental change to the product evokes a new conversation concerning Web Protection. This article is the first part of a three-part series. 
  1. Web Protection Part 1: Defining the Need
  2. Web Protection Part 2: Setting up a New Policy
  3. Web Protection Part 3: Deployment, Reports, and Usage

Where do I start?

Web Protection can be a sensitive item to discuss with clients. Blocking access for certain applications, users, as well as to certain websites, can cause hard feelings with the day-to-day users. The importance of great communication between you, the client, and the end-users is imperative to a successful Web Protection implementation. Starting up this conversation can seem difficult at first. Bearing this in mind, you will want to ask the client if they have ever thought of implementing such a policy or if there is a policy in place.

“Do you currently have a written company policy on employee Internet usage?"

If your client has a policy in place, ask for a copy of it. You would then follow up by asking how they currently enforce the policy. If your client does not have a good answer, you will want to have some examples of how companies are protecting themselves against legal liability with web protection.

Would you be interested in an evaluation on the way your company utilizes the Internet?"

Explain the value of understanding how their company’s Internet usage effects speed and productivity of their employees. To help reinforce your points, ask the following questions: 

  • How much of their current bandwidth are they using? 
  • How many requests are made to social media sites a day? 
  • What applications are using the majority of bandwidth? 
To begin showing the client just exactly what kind of information and traffic passes through their network, you can offer to deploy Web Protection to a few devices with a basic filtering policy. Let this run for a week. Once the test has concluded, you can generate a Web Protection Overview report in the Dashboard to illustrate the very usage that the client is trying to track, monitor, and in some cases, prevent. This report has now become a tool for helping you deliver a working solution that meets the client's needs.

In addition to being a sales tool, this document is a road map for both a discussion with your client and guide to a successful deployment. You can sit down with your client and show them where their employees are spending their time on the Internet and also have a complete list of websites that the company utilizes for business purposes. Often times the company will want a category blocked; however, they will want a website within that category whitelisted. There is nothing worse to constantly get calls from your client telling you their business applications are blocked because you turned on Web Protection without analyzing their current usage.

Check out Part 2 for how to setup the new Web Protection policy. 
Check out Part 3 for how to deploy the feature, work with reports, and view tips on working with Web Protection.