Worms/Viruses - Is Blocking Internet Access an Overreaction?

jjustice asks: "I am a Software Engineer at a company that makes financial software for the healthcare industry. We got hit hard by Nimda last week and lost a few days of productivity. Some parts of management are now convinced that the Internet is too dangerous to allow us access from our LAN. They've completely the fact that most viruses/trojans/etc come in via email (which they don't plan to block). I don't know how I would do my job without at least Google Groups and Oracle's Technet/Metalink. They're considering an isolated subnetwork or a special 'lab' for Internet access only. I would hate to have to leave my desk to look something up on the Internet. It would totally disrupt my habitual workflow. Am I just being spoiled? Do other companies have similar Internet access policies? How can I convince them that this is excessive paranoia?" Wouldn't better security and virus checking be the more prudent solution in this case? For those of you suffering from a similar problem, this submission from cpufreak might be the cure-all you are looking for: "A large number of people work in an environment where they're internet access is restricted, and they have to go through a proxy of some kind.This can be frustrating and inconvenient for you - but the employer aims to restrict your internet access in order to keep your focus on the work in hand.But can they actually do this? Chris Mason has written a little bouncer which supports most common intel based platforms, which lets you get out and quite simply do what you want, at the same time making it very difficult for them to know exactly what your doing. more details can be found here."