An Audit Commission report published in June this year highlighted a huge increase in the viewing of computer pornography by public sector workers. The report called for public sector organisations from councils and government departments to the NHS, police and fire-fighters to invest in technology to prevent inappropriate or illegal images in the workplace.

Chris Hurford, head of IT security at the Audit Commission reported that the detection of computer porn had grown exponentially since 1997: “Many managers do not pick up on it because, unlike fraud, it is not obviously damaging to the organisation. People haven’t taken the issue very seriously.”

Yet the scale of the problem is reflected by the incident at the Department of Works and Pensions that hit the headlines last year. It was disclosed that, after an investigation, 2 million inappropriate images and, more alarmingly, 18,000 illegal images were discovered on their computer systems. Furthermore, out of 1,451 convictions resulting from Operation Ore, the largest UK anti-paedophile investigation, 27 per cent were public sector employees.

LACK OF AWARENESS

A part of the illicit image abuse problem is lack of awareness and understanding. A recent survey, carried out by The Irish company and the Chartered Institute for Personnel & Development, revealed that the majority of senior managers were unaware that they and their organisation could be criminally and civilly liable if inappropriate or illegal images were found on workplace computers. The Legislation in the UK is clear – directors and the managers they appoint could be held personally liable if negligence is found in the management of data and images on workplace computers with a penalty of up to five years imprisonment.

NOT JUST AN INTERNET PROBLEM

The conventional method of preventing pornographic or illegal images entering the corporate network is by implementing an Internet gateway filtering solution. But gateway technologies are limited in scope and can easily be bypassed using techniques such as encrypted data transmission, unrecognisable file formats and secure connections through HTTPS. But even if these limitations could be overcome, today’s desktops are subject to multiple data entry points. PCs have conventional points of entry such as a CD/DVD drive, Ethernet card and serial and parallel ports. But with USB, Firewire and wireless networking, the desktop has been opened up to multiple new hardware devices with high data transfer rates such as portable hard drives, memory sticks, 3G phones and cameras.

PREVENTION

Gateway filtering is only a small part of the solution. At the Department of Works and Pensions it was reported that a mere 2 months after installation of image detection software at the gateway, a further 500,000 inappropriate images had been introduced on to its computers. The only effective solution is to audit files on corporate IT resources and monitor and report on images as they are being viewed by the user.

To undertake a detailed audit of machines across an entire corporation can take months or even years. However, using the latest image analysis technology it now only takes days or weeks for even a large organisation to detect inappropriate and illegal content stored on all PCs, servers and removable media including email archives, embedded images and ZIP files and provide a detailed audit trail and comprehensive management reports. The same technology can be used to identify and prevent inappropriate or illegal images at the desktop in real time. Images that breach pre-set guidelines can even be blurred to avoid the risk of inadvertently displaying a harmful image that may lead to sexual harassment claims. Full details, are recorded and can be dealt with by the designated administrator and HR department.

LINE OF DEFENCE

While in most organisations monitoring of computer systems is permitted it is essential to have an unambiguous and up-to-date Acceptable Computer Usage Policy. This should be communicated to all staff so they are fully aware of expected employee behaviour, measures the organisation is taking to monitor and enforce as well as the disciplinary policies and procedures.

Clearly it is time for companies and organisations to take action. Reinforcement of policy, regular audits and a visible line of defence at the desktop is the only sure way of dealing with and ultimately putting a stop to this undesirable activity in the workplace.

About Author

This article was written by Colm Doherty of Pixalert – http://www.pixalert.com Data Loss Prevention | Email Monitoring Solution. PixAlert is the market

Article Source: ArticlesBase.com – Porn Images and the Public Sector