NetSTAR

TOKYO February 14th, 2008

NetSTAR Inc. (Headquarters: Shibuya-ku, Tokyo; CEO: Noboru Ogawara; hereinafter “NetSTAR”), a developer of URL filtering product technologies and services, also involved in the collection, categorization, and delivery of URL lists, hereby announces the result of The 3rd “Field Survey on Internet Management in Organizations” targeted to system administrators in large scale corporation organizations.

This survey asked system administrators in corporation organizations, each of which has a total number of employees of at least 1,000 and has installed the URL filtering product and service, about how Web access was being managed and so on. Two main points in this survey result are as follows:

(1) Although many corporations manage utilization of the originating Web sites, the PC that are taken out may be loopholes.
More than 70% of respondents raised “prevention of invasion using illegal codes”, “prevention of information leak”, etc. as the main purpose for installing URL filtering. It can be seen that installation of filtering products is positioned as a part of security investment.
Actually, approximately 80% of corporations restrict access to bulletin board site “2-Channel”, while more than 50% restrict access to social networking service “mixi”. More than a half of answers are “both traceable” for “information origination” and “file sending” using the originating Web sites. If answers of “either traceable” are counted, more than 80% are taking actions. It can be seen that many corporations worrying very much about utilization of the originating Web sites because information leak and loss of public trust may occur. For PCs that can be taken out, however, more than a half of corporations have not taken any specific actions.

(2) The analysis/tracing work is a heavy burden to system administrators whether or not any trouble occurs.
Although the large majority of corporation organizations have the systems for reporting Web access management on a regular basis, 20% of corporations require at least “2 days” as the time for documenting a report. If corporations requiring “1 day” are counted, more than 60% are engaged with such tasks. It is understood that this is a heavy burden to system administrators. More than 60% of respondents raised “log analysis” as a cumbersome work, which was the top in answers. More than 50% answered “situation analysis and looking for people concerned upon occurrence of a trouble”.
More than 50% answered “log analysis simplification” and “warning function” as function improvements needed for filtering products. Additionally, “filtering for the takeout PCs” and “identification of the user who is originating information utilizing an originating Web site” were raised. More active functions are being pursued to let system administrators find signs of problematic behaviors.

NetSTAR will utilize the findings obtained in this survey for research and development of filtering engines and URL research processes. We will continue to contribute to creation of the environment allowing the users to utilize Internet efficiently, safely, and at ease through development and offer of new products and services.

■ Background of survey
Permitting the employees to access Web without any management is becoming an acute management risk to corporation organizations. This survey by NetSTAR targets large-scale corporations that may have taken relatively advanced actions and intends to grasp the actual status of Web access management in organizations and the actions being required by them.

■ Survey procedures
This survey was commissioned by NetSTAR to Macromill, Inc. and implemented on November 19 and 20, 2007. For survey, a Web questionnaire was used. System administrators who were 20s to 50s of age in corporations with at least 1,000 employees that have installed URL filtering were the target. Age distribution was 17% for 20s, 45% for 30s, 30% for 40s, and 8% for 50s. The male/female ratio was 88% for male and 12% for female. The number of valid answers was 515.

■ Result and comment on main survey items
▼ The main purpose of installing URL filtering is information security.
-As the main purpose of installing URL filtering, more than 70% answered “prevention of invasion using illegal codes” and “prevention of information leak”, respectively. They are positioned as a part of information security. (See Graph 1.)
-More than 70% have installed “encryption software” and “mail filtering” additionally for “prevention of information leak”.(See Graph 2.)

▼ Information leak via takeout PCs provokes anxiety but no actions have been taken.
-More than 60% answered “which PC would be taken out was grasped”. Only 20% of system administrators permitted unlimited Internet access for takeout PCs.(See Graphs 3 and Graphs 4.)
-Nearly 90% worry about information leak via takeout PCs. However, more than a half have not taken specific actions such as restriction of using originating Web sites with software products. The reasons were “users may stop the use at their disposal”, “installation is cumbersome”, and “products are not provided (not known)”. Products solving these problems are waited.(See Graphs 5, Graphs 6, Graphs 7, and Graphs 8.)

▼ Most organizations can trace information origination using originating Web sites.
-For originating Web sites, approximately 80% of system administrators actually restrict access to “adult blogs” and “2-Channel”, and more than 50% restrict access to “mixi”.(See Graph 9.)
-Regarding “information origination” and “file sending” using originating Web sites, more than a half of system administrators answered “both traceable”. If “either traceable” is counted, more than 80% of system administrators take any actions.(See Graph 10.)
-More than 90% of system administrators worry about information leak via communication using a specific application such as Instant Messenger or file exchange software. For actions against takeout PCs, however, actions against communication using applications are a little more advanced than the actions against the use of originating Web sites.(See Graphs 11, Graphs 12, and Graphs 13.)

▼ The Web access management status is reported on a regular basis. Preparation of reports is a burden to system administrators.
-More than 40% answered the “compliance committee” as the destination of reporting Web access management, which was the top. Only 10% answered “not reported”.
More than 30% of organizations report “every month”.(See Graph 14.)
-More than 20% take “at least 2 days” for preparation of the report. If “1 day” is included, more than 60% are engaged with this work. The work burden is not small. More than 60% raised “log analysis” as a cumbersome work, which was the top. Then, “situation analysis and looking for people concerned upon occurrence of a trouble” and “policy check” follow.(See Graph 15.)

▼ Most organizations employ the access policy of “uniform in the company”.
-Nearly a half answered “uniform in the company (no exceptional setting)” for access policy setting of URL filtering. Some other organizations make arrangement in such a way as “basically uniform but a change is only made for the department that has requested for the change”. Only 10% of all organizations set the access policy for “each department”.(See Graphs 16 and Graphs 17.)
-More than 60% of administrators raised “security level cannot be kept constant” as the reason for “uniform in the company”. Then, “restricted categories cannot be managed” and “selective use is not need” follow.(See Graph 18.)
-Administrators were generally reluctant to transfer the policy setting authority to field departments but raised function enhancement needs such as the “function making the system administration department set the category for which access restriction is essential and letting the other departments and sections set the other categories” and “function allowing real-time policy check”. (See Graph 19.)

▼ The function allowing more aggressive management and warning will be needed from now on.
-More than 50% answered “a function allowing easy log analysis” and “a function of warning against suspicious users” as the function that will be needed from now on for URL filtering. Then, “filtering function for takeout PCs” and “identification of the user originating information using an originating Web site” follow.
Not only simply restricting browsing and preventing information leak but also finding the sign of a problematic behavior and grasping the situation in detail at the point of leak occurrence is needed. (See Graph 20.)

▼ For “filtering” on takeout PCs, compatibility with the installed products is the key.
-As the effective action to prevent information leak from takeout PCs, “URL filtering” commands attention in addition to “encryption software”.(See Graph 21.)
-The matters to be emphasized upon installation of “URL filtering” as one of the actions were the “restricted category is same as the category in use”, “uniform management of the policy is possible”, and “installation is not cumbersome” in order. Presently, compatibility and linkage with the filtering product (for the gateway server) currently in use are needed.(See Graph 22.)

■ About NetSTAR, Inc.
NetSTAR specializes in the development of URL filtering engine technologies and services and in the collection, categorization, and delivery of URL lists.
Its URL lists boast the largest market share in Japan for corporate filtering products, at well over 40%, and are also used widely by home filtering services. NTT DoCoMo, au, SoftBank Mobile, and Willcom have adopted the filtering service (browsing restriction) service for mobile phones and PHSes that are commanding attention in terms of juvenile protection.
http://netstar.jp

■ Trademark Information
NetSTAR is a trademark or registered trademark of NetSTAR, Inc. All other product names and company names are trademarks or registered trademarks of their respective owners.