NIH monitoring Internet use

The National Institutes of Health has deployed software to track and manage Internet use for more than 41,000 employees.

NIH, an agency in the Department of Health and Human Services, signed a two-year contract with San Diego-based Websense Inc. for the company's Websense Enterprise employee Internet management software.

The software, which blocks certain Web sites or limits personal Internet use, is intended to increase productivity and cut down on security risks.

"The Internet today is a very enticing and compelling environment," said Websense chief technology officer Harold Kester. It affects a "company's most important asset, their employee, and their most powerful tool. It's like putting a gambling casino and a Playboy magazine on every desktop."

The contract also includes the Centers for Disease Control and Prevention and Indian Health Service. More than 400 government organizations are currently using Websense, Kester said, including the Federal Aviation Administration, the Commerce Department and the Army.

The Websense software bars employees from surfing certain sites, ranging from pornography and gaming sites to personal e-mail and online banking.

Depending on the policies that an agency sets, the software can limit Internet use by certain sites or by certain times. For example, an employee may be able to access e-mail or online shopping during his or her lunch hour, but would be prohibited during the rest of the workday.

Without such software, agencies face a loss in productivity — an average of three to five hours a week per employee, Kester said. Agencies also encounter legal liability for use of pornographic sites, a loss of critical bandwidth from file sharing, such as music and video swapping, and security concerns if an employee accesses a site that admits a worm into the system.

When an employee accesses a site, the request is routed through Websense Enterprise databases. The database, which houses about 4.2 million Web sites, determines the content of the site and whether it fits the agency's policies. The software also tracks who requested the site and when it was requested, logging each employee's moves on the Internet.

The database is refreshed every night to show newly developed Web sites, and agency managers can easily unblock a Web site for specified use. The software allows for flexibility in the policies, and rather than block a site, the software can give a warning that the site may not be appropriate but still can be accessed.

Kester said employees are generally accepting of the software, recognizing they don't want their co-workers misusing the Internet. But to address possible privacy concerns, Kester said agencies should make sure their employees understand their Internet use is being tracked.

"As employees, we have expectations" of privacy, Kester said. "You have a written Internet usage policy and you communicate that."


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.