HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Smoothwall Framlingham Update Introduces Google as a Directory Service

Smoothwall has released its Framlingham update, making several changes to authentication, implementing an easier way to filter the Internet on Chromebooks, as well as enhancements to safeguarding and reporting.

Thanks to a new directory type, it is now possible for filtering on Chromebooks to be based on Google Apps memberships without having to use GADS to link an Active Directory to Google.

System administrators can map Smoothwall groups to Google groups allowing Smoothwall content filtering policies to be applied to Google groups. Synchronization does not occur automatically when a user logs in via their Google account, instead this is performed on demand via the click of a button.

In this release a single domain can be set up although, in future updates, Smoothwall will add support for subdomains to allow group mapping by organizational units.

This release also sees improvements made to Connect for Chromebooks, removing several of the setup steps. It is now optional for verification checks against the Google authentication service to be performed, although the verification checks are still recommended if Chromebooks fall under BYOD or are not enrolled.

Smoothwall says there will likely be changes to safeguarding following government consultation. The consultation is due to be completed by the spring and is likely to see a change in emphasis from ‘should consider’ to ‘should ensure’ with regards to teaching about safeguarding. The compliance date for these changes, if they are approved, will be September 2016. Smoothwall reports that safeguarding will be incorporated into the reporting features to help schools and other educational institutions with their safeguarding and Internet use responsibilities.

Safeguarding allows administrators to generate reports to determine whether any users have breached safeguarding rulesets. While there is the option to create more, installation sees 7 safeguarding category rulesets defined. Each of those categories has a severity level assigned to help users determine the severity of the breach. For example, radicalization – which includes terrorism – will be classed as danger, whereas breaches related to intolerance will be marked as caution.

The safeguarding report is ordered by user breaches, with the first level being the severity of the breach and the second level the number of breaches. Clicking individual users in the report will provide more detailed information on user activity. In addition to viewing the breach site, the report will also detail the websites visited for five minutes either side of the breach to allow the breach to be placed in context to help determine intent.

Email notifications can also be set based on rulesets, with notifications sent on a daily, weekly, or monthly basis to preset contacts.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.