Blocking people from accessing unproductive Web sites has saved News Limited an estimated $5.5 million a year the company’s top security professional estimates.
Just as the federal government hatches its plans to implement the great firewall of Australia in the form of Internet filtering, News Limited has seen success by blocking employees from accessing public Web services it deems unproductive.
News Limited’s national IT security manager Bob Hinch says the company maintains a balanced approach to content regulation for internal employees.
“The estimated savings in productivity losses from blocking porn and IM sites like MSN and Yahoo is estimated at $5.5 million every year,” Hinch said.
That said, News Limited uses Microsoft’s Office Communication Server for IM, which is available to all staff that have a genuine need for the service.
“Now, instead of four to five thousand people using IM we have one to two thousand using it,” he said.
Productivity is a big issue for News Limited with regard to social networking sites, although the company does not block Facebook, which it considers a valuable resource for journalists and other employees.
Hinch says the diversity of desktop applications used by staff is also increasing -- including Google, Facebook, Firefox and the iPhone -- but being a media company News Limited encourages this.
“Smartphone use is a growing issue as the difference between the iPhone and the BlackBerry is the applications people use. People can use Internet banking on their iPhone,” he said.
With up to 350 IT staff in Australia and only 4 security staff, News Limited is not flush with resources to combat the increasing level and intensity of cyber attacks.
“The main source of concern for us Internet attacks as 70 per cent of fraud is in the form of Web app fraud,” Hinch said.
This role is Hinch’s fourth term as an IT security manager. “It is a start-up role at News Limited, which had a bit of work to do,” he said. “I put security tools in place and now we are consolidating those and putting in processes around them.”
News Limited recently bought URL and spam filtering solutions from vendor Websense.
“We are moving all our content online, which is a challenge, and we are moving to a pay-per-view model for content which has been successful for publications like the Wall Street Journal,” Hinch said. “This is a big effort for our online business at the moment.”
Hinch reports to the company’s IT services director Clive Parsons, who is underneath CIO John Pittard.
The types of treats News Limited faces are varied, but Hinch says denial-of-service attacks are increasing and some of the sites owned by the company have been subject to such attacks, particularly MySpace. Another example is the TrueLocal classifieds site which also has suffered a DOS attack.
Hinch says IPS have blocked a huge number of attacks and News Limited has spent a lot of effort on its Web sites for penetration testing.
“The security industry is like the general outsourcing industry -- you outsource what makes sense,” he said. “We recently signed up to Websense spam filtering, which makes sense. Outsourcing security also makes the vendor honest as it’s very easy to chance a MX record. If the service fails we can switch.”
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.