Just recently, I was asked by a customer to provide some advice for their network administrators on unblocking sites. Sometimes you have to say no, but how do you decide which to give the green light to? Here are some points to bear in mind...
- Have you looked at the whole site? There may be different content on some of the links.
- Is the domain a generic one? Maybe many sites are served from this domain. Can we limit the unblock into just one specific URL?
- Will the content change in future? If it is dynamic, what kind of content might be found there next week?
- Is there a better website people could visit for this same purpose? For example, there is no reason to unblock an image search engine other than Google Image Search, as it may not have all the safety features enforced by Smoothwall.
- What’s the reason the site was blocked? If it is a misclassification it should be reported to Smoothwall, and it will get fixed for everyone.
- Do you want to unblock just this website, or all websites of this type? Often it is better to adjust the categorisation (such as allowing all “sports” websites) rather than dealing with one at a time.
- Does it allow access to other pages surreptitiously, or draw content from other sites? Translation sites can cause this problem.
- You might be able to understand the risks of this site; but do your users? Children, for example, may not be easily able to understand risks of bullying or grooming on a social network, and less technical users might inadvertently leak sensitive information on file sharing sites.
- Are there any regulations or risk assessments you need to consider before unblocking this site?
- Does the site rely on 3rd party resources? You can use the advanced Policy Test Tool to examine these. Are these locations also safe with regard to points 1-9?