Forcepoint: Difference between revisions

From Wikipedia, the free encyclopedia
Content deleted Content added
→‎History: Toning down unsourced commentary. We probably need some good general IT security content here, but what does websense have to do with asset registers &c?
Restored sourced criticism as well as the company's primary business being internet censorship, please see Wikipedia:Sockpuppet_investigations/Websense,_Inc. and Talk:Websense
Line 7: Line 7:
| key_people = John Carrington, Chairman<br>Gene Hodges, CEO<br>John McCormack, President<br>Michael Newman, SVP, Interim Chief Financial Officer, General Counsel and Chief Administrative Officer <br> Dan Hubbard, CTO <br> [[Jason Clark (IT Security Executive)|Jason Clark, CSO]]
| key_people = John Carrington, Chairman<br>Gene Hodges, CEO<br>John McCormack, President<br>Michael Newman, SVP, Interim Chief Financial Officer, General Counsel and Chief Administrative Officer <br> Dan Hubbard, CTO <br> [[Jason Clark (IT Security Executive)|Jason Clark, CSO]]
| area_served =
| area_served =
| industry = [[Computer security]]
| industry = [[internet censorship]]
| products = [[Computer security]], web security, email security, data loss prevention, advanced persistent threat protection, Security-as-a-Service (SaaS), mobile security, social networking security, risk and compliance, [[Web filtering]] and [[Information Leak Prevention]]
| products = [[internet censorship]], web security, email security, data loss prevention, advanced persistent threat protection, Security-as-a-Service (SaaS), mobile security, social networking security, risk and compliance, [[Web filtering]] and [[Information Leak Prevention]]
| revenue = $332 million
| revenue = $332 million
| operating_income =
| operating_income =
Line 19: Line 19:
}}
}}


'''Websense''' is a [[San Diego, California|San Diego]]-based company specializing in [[Content-control software|web filtering software]]. It has come under [[#Controversy|controversy]] for its facilitating censorship by clients of [[Censorship by religion|religion]] (or lack thereof), [[ideological repression|ideology]], and of [[Political censorship|political organisations]]<ref name="westcensoringeast">{{cite web | url = http://opennet.net/west-censoring-east-the-use-western-technologies-middle-east-censors-2010-2011 | work = [[OpenNet Initiative]] | title = West Censoring East: The Use of Western Technologies by Middle East Censors, 2010-2011y | date = 2011-03 | accessdate = 2012-01-28}}</ref>, especially in publicly funded libraries and educational institutions.
'''Websense''' is a [[San Diego, California|San Diego]]-based company specializing in [[Content-control software|web filtering software]], also referred to as "censorware"<ref>[http://peacefire.org/censorware/WebSENSE/ Peacefire WebSENSE Examined]</ref>, it uses the term ''information protection'' in its [[Brand language|branding]] however this is an incorrect usage of the industry standard of the term to keep information inside a network secure rather than ''[[internet censorship|information censorship]]'' of outside materials.<ref>{{usc|44|3542}}(b)(1)</ref> Its software aims for its customers to [[internet censorship|censor the internet]] in public places according to a set of categories selected by their clients such as public libraries, governments and businesses. It has come under [[#Controversy|controversy]] for its facilitating censorship by clients of [[Censorship by religion|religion]] (or lack thereof), [[ideological repression|ideology]], and of [[Political censorship|political organisations]]<ref name="westcensoringeast">{{cite web | url = http://opennet.net/west-censoring-east-the-use-western-technologies-middle-east-censors-2010-2011 | work = [[OpenNet Initiative]] | title = West Censoring East: The Use of Western Technologies by Middle East Censors, 2010-2011y | date = 2011-03 | accessdate = 2012-01-28}}</ref>, especially in publicly funded libraries and educational institutions.


Blocking categories used variably by clients such as public institutions, governments and corporations include "[[Labor rights|Professional and Worker Organizations]]" (such as [[trade union]]s), "Sites sponsored by or providing information about [[political parties]] and interest groups" (such as [[civil rights]] organisations), "[[Gay]] or [[Lesbian]] or [[Bisexual]] Interest", "[[Sex Education]]", "Sites that provide information about or promote [[Wicca|religions not specified in Traditional Religions]]", and Sports (including civil rights organisations such as the [[National Rifle Association|NRA]]).<ref name="westcensoringeast"></ref>
Blocking categories used variably by clients such as public institutions, governments and corporations include "[[Labor rights|Professional and Worker Organizations]]" (such as [[trade union]]s), "Sites sponsored by or providing information about [[political parties]] and interest groups" (such as [[civil rights]] organisations), "[[Gay]] or [[Lesbian]] or [[Bisexual]] Interest", "[[Sex Education]]", "Sites that provide information about or promote [[Wicca|religions not specified in Traditional Religions]]", and Sports (including civil rights organisations such as the [[National Rifle Association|NRA]]).<ref name="westcensoringeast"></ref>
Line 28: Line 28:
Websense was founded by Phil Trubey in 1994. It went public in the year 2000.<ref name="founder">{{cite web | url = http://www.accessmylibrary.com/coms2/summary_0286-28681445_ITM | work = San Diego Business Journal | title = He's All Business On the Internet, Phil Trubey Unveils His Latest Venture Even Though He Could Retire Today | date = 2000-12-11 | accessdate = 2008-08-04}}</ref>
Websense was founded by Phil Trubey in 1994. It went public in the year 2000.<ref name="founder">{{cite web | url = http://www.accessmylibrary.com/coms2/summary_0286-28681445_ITM | work = San Diego Business Journal | title = He's All Business On the Internet, Phil Trubey Unveils His Latest Venture Even Though He Could Retire Today | date = 2000-12-11 | accessdate = 2008-08-04}}</ref>


Apart from [[Content-control software|web filtering]], the company provides email security, and data loss-prevention technology. The software also tracks individual internet usage for the purpose of collecting and reporting on any browsing deviating from the standards set by the library, government or other employer, and its reports can be [[Data drilling|data drilled]] by "risk class, category, URL, application, user, workstation, dates, and more."<ref>[http://www.websense.com/global/en/ProductsServices/ReportingTools/ Websense: reporting tools].</ref>
Apart from [[Content-control software|web filtering]] (sometimes referred to as "censorware") or [[internet censorship]], the company provides email security, and data loss-prevention technology. The software also tracks individual internet usage for the purpose of collecting and reporting on any browsing deviating from the standards set by the library, government or other employer, and its reports can be [[Data drilling|data drilled]] by "risk class, category, URL, application, user, workstation, dates, and more."<ref>[http://www.websense.com/global/en/ProductsServices/ReportingTools/ Websense: reporting tools].</ref>


Websense allows system administrators to block access to web sites and other protocols based on categories. These contain lists of sites that may be blocked at will, either at specified times or permanently. The software offers clients a ''continue button'' which permits users to access an otherwise blocked category if it is work related.<ref>[http://www.websense.com/global/en-au/ProductsServices/MasterDatabase/URLCategories.php Websense: list of the categories used to classify the URLs].</ref> The ability for public libraries, governments or other employers to block content based on ideology has proved [[#Controversy|controversial]] due to the subjects being blocked being controlled by an individual organisation or even a single individual.
Websense allows system administrators to block access to web sites and other protocols based on categories. These contain lists of sites that may be blocked at will, either at specified times or permanently. The software offers clients a ''continue button'' which permits users to access an otherwise blocked category if it is work related.<ref>[http://www.websense.com/global/en-au/ProductsServices/MasterDatabase/URLCategories.php Websense: list of the categories used to classify the URLs].</ref> The ability for public libraries, governments or other employers to block content based on ideology has proved [[#Controversy|controversial]] due to the subjects being blocked being controlled by an individual organisation or even a single individual.
Line 45: Line 45:


==Controversy==
==Controversy==
[[File:Computers at Guantanamo are protected by 'websense'.jpg|thumb|left|250px|The [[Guantanamo Bay Naval Base]] uses Websense software as of November 2009<ref>{{cite web|url=http://www.jtfgtmo.southcom.mil/wire/wire/WirePDF/v10/Issue37v10.pdf |title=Making sense of Websense (copy at File:The_Wire_Issue37v10.pdf) |author=Dustin Robbins (JTF Information Assurance Security officer) |work=The Wire, issue 37, volume 10, p. 4, November 6, 2009}}</ref>]]

===Blocking errors===
===Blocking errors===



Revision as of 10:13, 16 February 2012

Websense, Inc.
Company typepublic (NasdaqWBSN)
Industryinternet censorship
Founded1994
HeadquartersSan Diego, California
Key people
John Carrington, Chairman
Gene Hodges, CEO
John McCormack, President
Michael Newman, SVP, Interim Chief Financial Officer, General Counsel and Chief Administrative Officer
Dan Hubbard, CTO
Jason Clark, CSO
Productsinternet censorship, web security, email security, data loss prevention, advanced persistent threat protection, Security-as-a-Service (SaaS), mobile security, social networking security, risk and compliance, Web filtering and Information Leak Prevention
Revenue$332 million
Number of employees
1,450
Websitehttp://www.websense.com/

Websense is a San Diego-based company specializing in web filtering software, also referred to as "censorware"[1], it uses the term information protection in its branding however this is an incorrect usage of the industry standard of the term to keep information inside a network secure rather than information censorship of outside materials.[2] Its software aims for its customers to censor the internet in public places according to a set of categories selected by their clients such as public libraries, governments and businesses. It has come under controversy for its facilitating censorship by clients of religion (or lack thereof), ideology, and of political organisations[3], especially in publicly funded libraries and educational institutions.

Blocking categories used variably by clients such as public institutions, governments and corporations include "Professional and Worker Organizations" (such as trade unions), "Sites sponsored by or providing information about political parties and interest groups" (such as civil rights organisations), "Gay or Lesbian or Bisexual Interest", "Sex Education", "Sites that provide information about or promote religions not specified in Traditional Religions", and Sports (including civil rights organisations such as the NRA).[3]

It has also come under controversy for ignoring the robots.txt standard to crawl websites, removing the option for website owners to opt out of censorship.[4]

History

Websense was founded by Phil Trubey in 1994. It went public in the year 2000.[5]

Apart from web filtering (sometimes referred to as "censorware") or internet censorship, the company provides email security, and data loss-prevention technology. The software also tracks individual internet usage for the purpose of collecting and reporting on any browsing deviating from the standards set by the library, government or other employer, and its reports can be data drilled by "risk class, category, URL, application, user, workstation, dates, and more."[6]

Websense allows system administrators to block access to web sites and other protocols based on categories. These contain lists of sites that may be blocked at will, either at specified times or permanently. The software offers clients a continue button which permits users to access an otherwise blocked category if it is work related.[7] The ability for public libraries, governments or other employers to block content based on ideology has proved controversial due to the subjects being blocked being controlled by an individual organisation or even a single individual.

Policies can be produced that control either previously identified information that contains 'tags' such as account numbers, credit card records or any combination of many variables. A score is assigned based on a pre defined set of rules and an action applied. The process can be entirely automated but relies upon either pre set policy templates or bespoke rule sets that are developed in house.

Products through acquisition

SurfControl was acquired by Websense on October 3, 2007. Websense has indicated it will continue the Surfcontrol business with a full staff until at least 2011.[citation needed]

Websense's proprietary "Deep Content Control" is software designed to protect confidential information. The company says it is a combination of its ThreatSeeker and PreciseID technologies.[8] PreciseID uses software first developed for the Israeli military.[9] The company has a Data Loss Prevention product called Information Leak Prevention, which was developed by the Israel-based data security company PortAuthority Technologies. In December 2006 Websense bought PortAuthority for $90 million.[10][11] Announcing the take-over, Websense said that it was "committed to maintaining the company's research and development presence in Israel."[10]

On January 27, 2009, Websense acquired Defensio, a security company specialized in blog plugins that help to fight spam and malicious links in the comment sections of blogs. This will help expand its ThreatSeeker Network and could be used by webmasters to warn as soon as suspicious content is posted to their websites.[12][13]

Partnership with Facebook

On October 3, 2011, Facebook and Websense announced a partnership in order to protect its users from dangerous links that lead to malicious websites and malware sites. According to TechCrunch,[14] “Going forward, when a Facebook user clicks on a link, the new system will first check the link against Websense’s system to determine whether or not it’s safe. If it’s not, a message is displayed warning the user that the link is potentially harmful and suggests you return to the previous page.”

Controversy

The Guantanamo Bay Naval Base uses Websense software as of November 2009[15]

Blocking errors

On occasion, Websense's filter has categorized notable sites in error. In 2007 Norman Finkelstein and Noam Chomsky's websites were blocked by network administrators blocking the 'racism/hate speech' category for approximately 24 hours until Finkelstein complained.[16] In 2009, Websense briefly classified router company Cisco's website under 'hack sites'.[17] The blocking of cisco.com was solved in less than 24 hours, but it illustrates that the problem of false alarms is not restricted to antivirus software.[17] Websense had a submission form on the website to report mistaken categorization.[18] The submission form is no longer available without an account.

In a 2005 report the Rhode Island branch of the American Civil Liberties Union called Websense a deeply flawed technology.[19] It refers to an earlier 2001 report on the inaccuracy of the software, and notes that the Children's Internet Protection Act was struck down in 2002 by a federal court in a decision that was partly based on similar reports.[19] It further notes that, although the blocking technology has improved over the years since 2002, it still remains a "blunt instrument" and that in public libraries equipped with Websense people of all ages "are still denied access to a wide range of legitimate material." [19]

In 2011 it was reported by a blogger that Websense would block pages that contained pornographic links anywhere in its content, even in the comments section; "a malicious attacker could get your whole site blocked at any time by the simple procedure of leaving dangerous, malicious or pornographic links in a blog's comments".[20]

Usage by governments

In 2004 Amnesty international listed Websense as one of several foreign companies which had reportedly provided technology that was used to censor and control the use of the Internet in China.[21]

In 2004 the OpenNet Initiative reported that Websense technology was used by the government in Yemen to enforce censorship of the internet.[22] In 2008 it was denounced again by the Yemen Times.[23] The company has a policy of not making business with governments that force censorship of the internet or oppress rights. The only exceptions are for preventing minor from watching adult content and for child pornography.[24] In 2009 it issued a statement about how they were discontinuing the database downloads to the Yemeni ISP, due to the violation of its stated policy.[25][26] but reporters from ONI infer that Websense software was still being used by Yemen’s ISP, YemenNet, to censor Internet access as late as August 2010.[27] Websense was finally discontinued in Yemen sometime around January 2011 [27] and apparently it is no longer being used in any Middle East or North Africa country.[20]

On November 1, 2011, Websense General Counsel, Michael Newman, released a public letter to “challenge all other American technology vendors to join us in prohibiting repressive regimes from using American technology to prevent open communications.”

The letter’s call for action included, “If you are an executive at a security company that makes software that can be used to censor internet activity in repressive regimes, we ask that you support the right course of action and stop selling repressive tools to oppressive regimes.”

In response, the Electronic Frontier Foundation noted, “Websense is pointing to the technology sector in the direction of promoting freedom; BlueCoat represents the aiding oppressors. The choice for other tech companies is clear, and kudos to Websense for leading the way.”

References

  1. ^ Peacefire WebSENSE Examined
  2. ^ 44 U.S.C. § 3542(b)(1)
  3. ^ a b "West Censoring East: The Use of Western Technologies by Middle East Censors, 2010-2011y". OpenNet Initiative. 2011-03. Retrieved 2012-01-28. {{cite web}}: Check date values in: |date= (help)
  4. ^ "websense violating robots.txt to scan your web site, gmane.comp.security.ids.snort.emerging-sigs". Michael Scheidell, Emergingthreats.net. 2011-03. Retrieved 2012-01-28. {{cite web}}: Check date values in: |date= (help); External link in |work= (help)
  5. ^ "He's All Business On the Internet, Phil Trubey Unveils His Latest Venture Even Though He Could Retire Today". San Diego Business Journal. 2000-12-11. Retrieved 2008-08-04.
  6. ^ Websense: reporting tools.
  7. ^ Websense: list of the categories used to classify the URLs.
  8. ^ Websense: Deep Content Control
  9. ^ Websense: PreciseID. 24 May 2009 archive.org copy
  10. ^ a b Israel-Times.com Websense to acquire portauthority for 90 million in cash (broken link 26/Feb/2008).
  11. ^ Robert McMillan, IDG News Service (2006-12-20). "Websense to buy PortAuthority". InfoWorld. Retrieved 2008-08-04.
  12. ^ Websense acquires Canadian blog-spam fighting security company, Maxine Cheung, itbussiness.ca, 2009-02-04
  13. ^ Robert McMillan, IDG News Service (2009-01-27). "With Acquisition Websense to Silence Comment Spam". PCWorld.
  14. ^ http://techcrunch.com/2011/10/03/facebook-partners-with-websense-to-protect-users-from-malicious-sites-and-malware/
  15. ^ Dustin Robbins (JTF Information Assurance Security officer). "Making sense of Websense (copy at File:The_Wire_Issue37v10.pdf)" (PDF). The Wire, issue 37, volume 10, p. 4, November 6, 2009.
  16. ^ Websense filtering out this site, official website of Norman Finkelstein, "Reader letters: reply from Websense stating that www.normanfinkelstein.com has been reviewed and now categorised as 'News and Media'"
  17. ^ a b John Leyden (2009-03-20). "Websense mistakes Cisco.com for hack site". The Register.
  18. ^ See something wrong? Suggest a category change using the Site Lookup Tool or email suggest(at)websense.com. For all other categorization-related inquiries and Site Lookup Tool feedback, the public can access categorization information at the Ace Insight tool. [1]
  19. ^ a b c The Rhode Island affiliate, American Civil Liberties Union (April 2005). "R.I. ACLU releases report on "troubling" internet censorship in public libraries". Archived from the original on 2008-12-08. {{cite web}}: |archive-date= / |archive-url= timestamp mismatch; 2008-12-05 suggested (help)
    * full report.
  20. ^ a b West Censoring East: Or Why Websense Thinks My Blog is Pornography, Jilian C. York (coauthor of the 2010-2011 ONI report), March 28, 2011 "I will say that Yemen has stopped using Websense and we’re not aware of any other countries–at least in the Middle East and North Africa–that use the software."
  21. ^ China: Controls tighten as Internet activism grows "Cisco Systems, Microsoft, Nortel Networks, Websense and Sun Microsystems", citing Amnesty International: People’s Republic of China: State Control of the Internet in China, ASA, 17/007/2002, November 2002.
  22. ^ Internet Filtering in Yemen in 2004–2005: A Country Study. OpenNet Initiative.
  23. ^ Jane Novak (6–9 March 2008). "Internet censorship in Yemen". Yemen Times. No. 1135 (volume 8). The government ISP automatically denies internet requests from Yemeni users by using Websense and Antlabs to filter internet content. Websense enables the government to block websites by category and to define specific internet sites to block
  24. ^ Websense Issues Statement on Use of its URL Filtering Technology by ISPs in Yemen "Since we were informed about the potential use of our products by Yemeni ISPs based on government-imposed Internet restrictions in Yemen, we have investigated this potential non-compliance with our anti-censorship policy. Because our product operates based on a database system, we are able to block updated database downloads to locations and to end users where the use of our product would violate law or our corporate policies. We believe that we have identified the specific product subscriptions that are being used for Web filtering by ISPs in Yemen, and in accordance with our policy against government-imposed censorship and compliance review policies (http://www.websense.com/content/censorship-policy.aspx), we have taken action to discontinue the database downloads to the Yemeni ISPs"
  25. ^ Websense Sets the Record Straight on its Anti-Censorship Policy, Websense General Counsel Mike Newman, 20 August 2009, "The simple answer is that we don’t want or need that kind of business. The purpose of our Web filtering and Web security products is to make the Internet a safer place to do business, ensuring security and organizational productivity, while limiting legal liability for employers. Government censorship is not on our product roadmap."
  26. ^ a b West Censoring East: The Use of Western Technologies by Middle East Censors, 2010-2011 , March 2011, Helmi Noman and Jillian C. York. "From this we may infer, but not definitively establish, that Websense categorizations were still being received and updated in Yemen as of August 2010."

Further reading

  • Access Denied: The Practice and Policy of Global Internet Filtering, Ronald Deibert, John G. Palfrey, Rafal Rohozinski, Jonathan Zittrain, MIT Press, 2008. ISBN 0262541963, 9780262541961

External links