Blocking Websites from Employees

This is probably one of the topics I hear the most.  There’s always a huge toil as to whether or not to have Internet access at a resale store.  There are pros and cons.  In my professional experience, the pros far outweigh the cons – only if your system is configured by an experienced, competent, certified IT professional though. (like The Computer Peeps!!!)

Let’s first address some of the cons to having Internet access at your store:

• Viruses
• Employees abusing Internet privileges
• Data Security

The pros to having Internet access at your store:

• Technical support can be provided via the Internet
• Updates can be easily installed (e.g. Windows, your consignment software, etc.)
• You can integrate your consignment software with an online shopping cart
• You can send emails from your consignment software
• You can harness the power of sites such as eBay, Craig’s List, and yes, even Facebook

To get straight to the point, having Internet access can save you money.  How?  The Computer Peeps can manage and support your computers and network over the Internet.  Since local techs A) don’t know consignment software and how technology relates to it and B) tend to charge an arm and a leg, utilizing The Computer Peeps for your technology needs will save you money…and frustration.  So that’s one of my favorite reasons why your store could benefit from having Internet access.

“But Dean, I don’t want my employees monkeying around on Facebook all day!“

I hear that one all the time.  In my personal opinion, I think having an open, liberal employee policy will set the stage for mature, responsible employees.  I’m also not a complete moron and I know humans tend to take advantage whenever possible.  So there has to be a happy medium.

Restricting/blocking Internet access is easier than you think.  Don’t make the mistake of going with a product such as NetNanny.  I’m not trying to dog that company, but I’m an IT professional and I know the real way to get things done.  If you already have Internet access (especially if you have WiFi), you probably already have a router. A router serves a few purposes:

• It allows you to share one Internet connection with multiple computers
• Virtually all routers also function as a firewall
• You can configure the router to block certain sites and/or keywords, based on a schedule

This is how IT professionals secure a network.  Since everyone isn’t an IT professional, software companies have developed programs (see: NetNanny) to try to help end-users secure their systems.  Think of it like this: you could either have a professional install a fancy alarm system in your car or you could try and do it yourself.  Since you probably don’t know all the details  as to how to install an alarm system, you’ll either end up taking shortcuts or finding some “cheap way” of doing so.

Would you renovate your kitchen by yourself, if you’ve never done it before?  Would you replace the brakes on your car by yourself?  Would you replace your roof by yourself?  Unfortunately, by having programs out there that attempt to replicate what an IT professional should handle, it leads to the illusion of, “oh, I can just do this myself.”  This is your business we’re talking about here.  Are you saying your business isn’t worth doing things the right way?

I know how you feel though.  There’s no one to turn to, there’s so much information out there…it’s almost like this stuff is complicated on purpose!  Well, it sort of is on purpose!  This is Information Technology!  🙂

So if you’re going to be online, you need a router – even if it’s a single computer, you need a router with a firewall inside.  Don’t let anyone tell you any different.  If you find someone that tells you differently, have them call us.

So most of your issues are already solved, just by having a router!

I love routers because they make it easy to create a single-point of security for your network.  This forces all of your computers to abide by the security and settings outlined in your router.  Plus, a router is a dedicated device as opposed to bogging your computer(s) down with programs.  Even worse, security programs are updated on a regular basis and this can lead to unexpected issues.  You just can’t afford to walk in one day, only to find your consignment software won’t open because a security program was updated.

Let’s take a closer look at the settings available in most routers.  Most routers have a Block Sites (or equivalent) option…

The problem is, most people don’t know how to “get to their router”.  Do you walk over to it and plug a keyboard into it?  Nope.  This is one of the first reasons why IT professionals should handle this sort of stuff.  At the end of this article, I’ve included the steps on how to get to your router.  I don’t want to overwhelm everyone with nerdy details though.  It’s not difficult to do, but most get two words into and fall asleep. It’s not so complicated that it requires hundreds of dollars spent on a tech or hours to configure.

So that knocks out the majority of the issues a resale store is concerned with – blocking Websites or certain types of Websites.

Another handy feature available in most routers, is the ability to block sites/keywords based on a schedule.  Instead of blocking Facebook completely, maybe you could let the employees access Facebook the first hour that you’re open…

After an hour (if you open at 11), it’s blocked for the remainder of the day! (if you close at 5)

The Block Sites feature in many routers also provides other settings that make this such a handy feature.  You can allow specific computers to have access – e.g. your computer.  You can also configure the router to email you activity, either when someone attempts to access a blocked site or a log file summary at the end of the day.

That still won’t stop someone with a smart phone – e.g. an Android device, iPhone, Blackberry, etc.  These devices connect via 3G and do not require a WiFi connection to browse the Web.  So you have to be ready to deal with a certain amount of “well, technology can’t fix everything!”  I’m of the philosophy that if you try to force people to do something, they might heed your warnings for a while, but it will eventually lead to dissension.  I don’t want to get on a philosophical rant here, but technology is not a policy maker.  Hiring smart, educated, respectable employees is something business owners have to deal with, with or without technology.  If you look at a company like Google (yes, I know we’re not all multi-billion dollar companies), you’ll see that a certain amount of freedom goes a long way.  There’s a smarter way to manage people, rather than just “shutting everything down”.  But I digress…

So, let’s recap:

• You probably already own and utilize a router/firewall.  If you don’t, go buy one today.  If you need to know which to buy, just call The Computer Peeps.  Routers are very inexpensive, yet the yield a wealth of security and features that can help your business.
• Routers can help you block specific sites or keywords
• Routers can notify you if someone attempts to access a blocked site
• You can allow specific computers – e.g. your own – and block/restrict others
• Technology is a tool to help your business, it is not the end all, be all of policy though – that’s up to you.

There are a few other tricks to blocking sites, but they’re not absolute.  I don’t want to get too geeky, but I sort of have to on this one.  There is a “hosts” file that resides on Windows-based computers.  You can edit this file and manually block/redirect specific sites.  Most people don’t know about this file, which is good for you – it means employees won’t know how to edit the file.  People are getting savvier with PCs though, so if someone has a little bit of computer knowledge, they will know about the “hosts” file, thus, it can be defeated.  It’s free though and it’s a neat little trick.  You can also use a service such as OpenDNS.  Since the Internet works off of names (e.g. Facebook.com) resolving to IP addresses, you can use OpenDNS to block/redirect specific sites as well.  It’s a free service, which I love.  I think everyone should use OpenDNS for their name servers (sorry, geeky, I know) since it helps keep out phishing/malicious sites.  For the purpose of this article though, it’s a little fallible.  It requires that you log in to their site, add your network’s IP address, etc..  So it’s handy, but it’s not perfect.  I’ll discuss OpenDNS in a separate article.

++++++++++++++++++++++++++++++++++++++++++++++++++

Note:

At the beginning of this article, I said I’d show everyone how to log in to a router.  I just want to show that this is not some crazy geek thing, nor does it require hundreds of dollars to pay someone to figure this out.  It’s not for the faint of heart though, so if this is over your head, don’t feel left out.

1. Click Start
2. Click Run (or in Windows Vista or 7, just click in the “Search” field under the Start menu)
3. Type cmd
4. Click OK or press Enter on your keyboard.  You should now see a command prompt that looks similar to this…

   

5. Type ipconfig /all and then press Enter (notice there’s a space after g and before /).  You should see a list of network information similar to this…

   

6. Scroll through the list of information and look for the Default Gateway line…

   

   Make note of the IP address for your Default Gateway.  In my example, it would be 174.164.1.1.

7. Launch your Internet browser and type that IP address into the Address Bar (make sure you type it into the Address Bar, not a Bing, Google or some other “search” field.

   

8. Once you click Go or Enter, you should be prompted to enter a user name and password…

   

   Hopefully your router’s password has been changed from the default password it came with!!!

9. Once you click OK, you’re logged in!

   

That wasn’t too difficult, was it!?  I don’t expect everyone to run out and do this.  I just wanted to show that it’s possible, it isn’t difficult and if you already have a router, you have security settings you should be taking advantage of.