
Enterprise Web Filter Policy

DTS POLICY 5000-0004


Status: Active Policy
Effective Date: November 8, 2016
Revised Date: 
Approved By: Michael Hussey, CIO
Authority: UCA 63F-1-103; UCA 63F-1-206; Utah Administrative Code R895-7 Acceptable Use of Information Technology Resources


Document History

Originator: Jerri Averre
Next Review: November 2018
Reviewed Date: November 2017
Reviewed By: Phil Bates, Chief Information Security Officer


1 Purpose

The purpose of this policy is to establish a baseline for restricting Internet access in order to reduce the risk of exposure to State of Utah Information Systems and Network.  

1.1 Background

The Acceptable Use of Information Technology Resources defines how State of Utah technology resources, including workstations, networks, and servers, may be used. In accordance with this administrative rule, this policy establishes restrictions to reduce risk to State of Utah Information Systems containing sensitive and confidential data and to restrict access to non-work sites. There is a positive correlation between access to restricted websites and the risk of being infected with malware or becoming the target of other cyber exploits. Web filtering is essential to provide proper controls to minimize security risk and to meet due diligence requirements pursuant to applicable state and federal regulations.

1.2 Scope

This policy applies to all State of Utah employees and contractors that access the Internet through the State of Utah Network.

Web filtering is applied to all networks which traverse the State of Utah external boundary firewall.

1.3 Exceptions

The Chief Information Security Officer or the Enterprise Information Security Office will review requests to bypass restricted categories due to job duties when provided valid justification from the State Employee’s or State Contractor’s Manager or Director.

2 Web Filtering

The Web URL Filter application will restrict, monitor and log Internet usage of users on the State of Utah Network. The Web URL Filter assigns web sites to one of a number of pre-defined categories. Categories which are being blocked across all State of Utah networks are defined below. The restricted categories are subject to review and may be changed at any time. Exceptions may be granted upon request, based upon work requirements. Accounts that are granted exceptions may be subject to elevated monitoring and additional security controls to protect State of Utah technology resources.

2.2 Restricted Web Categories/Definitions

Abused Drugs

Sites that promote the abuse of both legal and illegal drugs, use and sale of drug related paraphernalia, manufacturing and/or selling of drugs.

Adult

Sexually explicit material, media (including language), art, and/or products, online groups or forums that are sexually explicit in nature. Sites that promote adult services such as video/telephone conferencing, escort services, strip clubs, etc.

Alcohol and Tobacco

Sites that pertain to the sale, manufacturing, or use of alcohol and/or tobacco products and related paraphernalia. Includes sites related to electronic cigarettes.

Copyright Infringement

Websites and services that are dedicated to illegally serving videos, movies or other media for download, explicitly infringing copyright holders.

Dynamic DNS

Sites that provide and/or utilize dynamic DNS services to associate domain names to dynamic IP addresses. Dynamic DNS is often used by attackers for command-and-control communication and other malicious purposes.

Extremism

Websites promoting terrorism, racism, fascism or other extremist views discriminating against people or groups of different ethnic backgrounds, religions or other beliefs.

Gambling

Lottery or gambling websites that facilitate the exchange of real and/or virtual money. Related websites that provide information, tutorials or advice regarding gambling, including betting odds and pools. Corporate websites for hotels and casinos that do not enable gambling are categorized under Travel.

Games

Sites that provide online play or download of video and/or computer games, game reviews, tips, or cheats, as well as instructional sites for non-electronic games, sale/trade of board games, or related publications/media. Includes sites that support or host online sweepstakes and/or giveaways.

Hacking

Sites relating to the illegal or questionable access to or the use of communications equipment/software. Development and distribution of programs, how-to-advice and/or tips that may result in the compromise of networks and systems. Also includes sites that facilitate the bypass of licensing and digital rights systems.

Malware

Sites containing malicious content, executables, scripts, viruses, trojans, and code.

Nudity

Sites that contain nude or seminude depictions of the human body, regardless of context or intent, such as artwork. Includes nudist or naturist sites containing images of participants.

Parked

URLs which host limited content or click-through advertisements, which may generate revenue for the host entity but generally do not contain content that is useful to the end user.

Peer-to-Peer

Sites that provide access to or clients for peer-to-peer sharing of torrents, download programs, media files, or other software applications.

Phishing

Seemingly reputable sites that harvest personal information from their users via phishing.

Proxy Avoidance and Anonymizers

Proxy servers and other methods that bypass URL filtering or monitoring, or pharming.

Questionable

Sites containing tasteless humor, offensive content targeting specific demographics of individuals or groups of people, criminal activity, illegal activity, and get rich quick sites.