Among the many simultaneous technical projects at the Connecticut-based healthcare company where I work, we’ve rolled out a fairly significant medical imaging solution providing mobile and web access for referring physicians and others. For aesthetics and marketing purposes, we chose to launch this Internet-facing platform using a new dot-com domain name rather than use a subdomain of our existing web presence. From a technical standpoint, all of this is very straightforward so far.
Recently we began hearing that our new domain name and web site were being blocked by the web filtering products used at two hospitals, one of which may be the most well-known health system in the state. So I began talking with the technical folks at the first hospital system. Initially I was told that we’d need to secure the signoff of one of their Department Heads or Vice Presidents in order to get an exception added to their web filter that would allow their users to access our site. Of course I found it a bit curious that they would trust the algorithms and definition files of a faceless security vendor over the judgement of their rank-and-file staff. At any rate, they eventually relented and granted the exception.
Meanwhile, it occurred to me that most hospital systems, corporations and schools trust software from companies like Websense, Barracuda and Sophos to properly scrutinize and categorize web content and either block or allow it. An internal administrator using one of these products typically allows or blocks whole categories of content at a time rather than concern themselves with individual sites. They might allow news or healthcare categories while blocking access to gambling, pornography or hate speech. So I decided to go to the source(s), and try to get our new site properly classified.
The following is a list of the web security vendors that I contacted, hyperlinked to the relevant page as of the date that this article was posted. Feel free to add additional web security vendors as comments. Bottom line, after launching any new web site, it may be worth a few minutes to contact these services that act as gatekeepers within thousands, perhaps millions of organizations. And if you hear that your site has been blocked, try to identify the product that is blocking it, and work directly with that security vendor for a resolution. This effort will have a much wider impact than trying to work with the IT team at every individual institution that can’t access your content.