Idaho Transportation

Office of Communications
P.O. Box 7129
Boise, ID 83707
Fax: 208.334.8563


Making (web) sense of cyber security

By Forrest Anderson
Cyber Security Officer
Second of two parts

The transportation department provides employees with high speed internet access as a business tool to be used primarily for business-related purposes. Access to the Internet places a variety of content at the fingertips of ITD employees.

This content provides employees many potential benefits and opportunities for increased efficiency, collaboration, research, communication, personal and professional development.

There also is a great deal of content on the internet which may not be appropriate for the workplace or which may present a potential security risk. It is expected that ITD employees will use their internet access responsibly and abide by department workplace policies.

Websense is the software tool used at ITD to provide another layer of defense in protecting network resources and employees from potentially inappropriate or dangerous content.

Websense allows us to actively block and/or send an alert when someone attempts to access sites which may contain content that violates computer use policy, or exposes the department to possible legal liability, or that may expose department information assets to a potential security vulnerability or risk.

Websense logs all internet access by all computers on the department’s network. Reports from these logs can then be created to determine trends in usage, bandwidth utilized and inappropriate activity.

Sites that may be blocked for security reasons include containing malicious code like Viruses, Trojans, Worms or Spyware. Some sites do this on purpose and some because they may have been compromised or hacked. Other sites that are blocked for security reasons may try to entice the user into entering information which could result in identity theft or other fraud.

Some sites may be blocked because they represent some legal liability to the department. These sites could include sexually oriented material, racist or violent content or distribution of pirated music or computer programs.

The way Websense works is through a classification system of Web sites by the Websense Corporation which then populates a database of known sites and classifications. This database is continuously updated as new sites are identified and classified. Classifications may change as sites add different content or change ownership or if they have been exploited and now contain malicious content.

The software we use checks this database and based on policies assigned, alerts or blocks certain Web sites or protocols that have been classified in certain categories. It is possible a site that was accessible last week is now being blocked because the classification in the database changed.

Here is a list of the Websense categories blocked at ITD.

Categories blocked by policy:

  • Adult material – Sex, adult content, nudity, lingerie and swimsuit
  • Games
  • Gambling
  • Militancy and Extremist
  • Personals and Dating
  • Racism and Hate
  • Tasteless
  • Violence

Categories blocked for security reasons:

  • Bot Networks
  • Keyloggers
  • Malicious Web Sites
  • Phishing and Fraud
  • Potentially Unwanted Software
  • Spyware

ITD also blocks advertising which has been shown to account for 20 to 30 percent of all internet bandwidth used.

What to do if you receive a Websense Block message
If you receive a Websense alert and block message, look at it carefully. It will give you the name of the site which was blocked and the category it was blocked under. Occasionally people will access a site that seems innocent but may have a redirect or active link to another blocked site.

Occasional inadvertent access may be expected and should be considered a good thing because you have probably just been protected from something unpleasant or potentially dangerous. Occasionally you may receive a block for a site you believe has been classified incorrectly.

If this is a site you need to access, you can request to have the site classification reviewed by contacting the Cyber Security Office. You will need to provide the site address (URL) and the reason you need access. A review of the site will be made and, if appropriate, it will be reclassified.

Occasionally you may encounter a site which should be blocked. If you think a site contains inappropriate material you can also request that the site be reviewed for classification under a category which is blocked. If you have accessed a blocked site inadvertently, you should let your supervisor know in case there is any question.

Some things to consider
The department has tried to provide as much internet access freedom as reasonably possible while still protecting the network and ensuring compliance with computer use policies. With that freedom comes the expectation that employees will use this resource responsibly.

Employees should be aware that network bandwidth or capacity is limited and that internet activity may compete with other ITD applications running on the network. Of particular concern is any non-business related activity that is bandwidth intensive, such as:

  • audio and video downloads
  • applications like internet radio
  • instant messaging (especially attachments)
  • E-bay auctions
  • stock updates
  • or any application that depends on the Internet for continuous downloads or updates, which competes with other applications and may make a user’s internet access times appear to be excessive

Employees also should not download programs from the internet that have not been approved because they may conflict with official ITD applications or could even contain some kind of potentially malicious program that could disrupt or compromise network services, applications and data. The ITD Administrative Services Policy A-22-02 for computer, Email and Internet Usage can be found under the Policy Finder on the main Intranet page.

If you have questions related to Cyber Security, or want to make comments or express concerns, you can contact the Cyber Security Officer – Forrest Anderson, 334-8158, or e-mail him at: or

Published 10-12-07