Slashdot Mirror
Security Fears Prod Firms to Limit Staff Web Use
Carl Bialik from WSJ writes "Companies are limiting employees' use of free Internet services, such as Skype and video downloading, to protect themselves from viruses, communications traffic jams and regulatory missteps, the Wall Street Journal reports. ABN Amro's global head of strategy and engineering tells the WSJ, 'I'm not allowing Skype because I don't know what it does.' Some colleges and departments at Cambridge University also ban Skype. The limits affect executives as well as the rank-and-file, the WSJ finds: ' "I used to think nothing of checking my Yahoo mail several times a day," says Global Crossing Chief Marketing Officer Anthony Christie. Now that he can't, his long workday makes it hard to avoid using his work email account for personal messages, he says.'"
"I used to think nothing of checking my Yahoo mail several times a day," says Global Crossing Chief Marketing Officer Anthony Christie. Now that he can't, his long workday makes it hard to avoid using his work email account for personal messages, he says.
Sometimes I wonder if this is exactly what companies *want*. They don't want people to use outside e-mail (especially ones running over https) because then they can't easily monitor what their staff is doing.
If people are using their work e-mail for their personal use, the company gets to see exactly what, where, how, and when their employees are spending their own time. If the employee opts to not use their work e-mail for anything personal, the company knows that they now have the other added benefit of possible added productivity.
I'm just glad I can use SSH and tunnel everything over that. If I can't do that, I have GPRS service on my mobile device and I *could* use that for AIM, e-mail, and browsing instead.
I'm not allowing X because I don't know what it does does not necessarily equate to X is bad
Banning an unknown service from a network is the more sensible default decision for a corporate network to take. Firewalls should block everything by default, corporate desktops should stop installations of anything not checked and cleared. Why should skype be any different?
As long as it's not against company policy, you could try using SSH tunneling to hit a proxy at home. It might be a lot slower, but you can go anywhere. I've been using one written in Python for six months and haven't had a hitch.
Colin Dean Go a year without DRM
I just started as IT manager for a small advertising agency. The systems were wide open before and it seems like every machine has Limewire, skype, five different IM programs... and lots and lots of problems.
When these items cause problems that reduce productivity they have to go. It's that simple.
Due to unrestrained (and uninformed) users I now have to go over all 50 machines with a fine-tooth comb to scrub off the bad stuff. Several of these machines are probably going to have to be wiped. This is 100% due to user loaded "personal" software.
As I fix each machine they are getting locked down. I've been directed by management to prevent users from pirating music on company machines or using filesharing to share pirated music. I don't see anything unreasonable at all about that.
Any app that is well-behaved and does not expose the company to liability is fine with me. Otherwise it has to go.
If your employees only need particular websites and particular applications to do their jobs, then why would you willingly open up additional attack vectors? It's a completely unnecessary business risk.
If you have employees complaining about needing to use personal email (what did they do before email in the workplace was common?), then simply set up a shared cheap PC in the coffee room for them to use on their lunch break. Firewall it off so that when all the inevitable crap gets onto the machine, it doesn't affect any important systems.
Bogtha Bogtha Bogtha
As a consultant based overseas, using my client's corporate internet for Skype actually SAVES them a fortune. They would normally pay for the POTS international phone calls we make (VERY $$$$$), but the fact that they allow Skype means that we make all of our calls Skype-Skype without it costing them (or us) anything in call costs. Bandwidth charges are negligible in comparison.
If firms continue to be ignorant about new or alternative technologies then they will continue to be left behind. These savings can be significant over the long term, financially as well as productivity wise. Companies in the future will be split into two categories - those that embrace new technology and those that struggle under malinformed regimes run by beaurocrats who prefer the trusted path, the path of least resistance, over the newer, technologically superior one. I've seen this too many times than I'd care to remember.
What's next? Complaining that you can't use company funds to go on a vacation? Complaining that you can't use company computers to play games?
Complaining that the shackles won't let you move more than 3 feet from your desk?
Tell ya what, if I can't use the company phone/email to make that doctor's appointment or let my wife know I'll be home late, well, I'm leaving for the day, and you can fuck your deadline and TPS reports.
I work because it is necessary to maintain my life. I do not work so I can maintain yours. If we cannot formulate a reasonable social contract where we both benfit our lives by pooling our resources you will have to do without me. I am neither your mommy nor your slave.
KFG
KFG
A seriously heavy-handed comparison, but I can't resist posting this quote from Rita Hayworth and the Shawshank Redemption. Ever wonder why Andy was allowed to keep posters in his cell given how religious the Warden was?
The prison administration knows about the black market, in case you were wondering. Sure they do. They probably know as much about my business as I do myself. They live with it because they know that a prison is like a big pressure cooker, and there have to be vents somewhere to let off steam. They make the occasional bust, and I've done time in solitary a time or three over the years, but when it's something like posters, they wink. Live and let live. And when a big Rita Hayworth went up in some fishie's cell, the assumption was that it came in the mail from a friend or a relative. Of course all the care-packages from friends and relatives are opened and the contents inventoried, but who goes back and re-checks the inventory sheets for something as harmless as a Rita Hayworth or an Ava Gardner pin-up? When you're in a pressure-cooker you learn to live and let live or somebody will carve you a brand-new mouth just above the Adam's apple. You learn to make allowances.
Same goes here. Bad employee morale is definitely bad for business, because it's across the board. The guy who spends all day browing google video will eventually get discovered when his productivity tanks. It's not worth it to make everyone else in the company unhappy.
I expect a few hundred flames of this statement, but it's a rock-solid security policy. Yes, this guy probably "should" know what Skype is in most people's opinions, but his default "deny" policy for anything he doesn't know is correct, and that attitude WILL prevent trouble. On a corporate network, especially one potentially carrying any kind of sensitive data, anything not specifically allowed should be denied. If employees can make a case about what any new service is and why they need it, it can be evaluated and perhaps allowed, but it should be denied by default.
-- http://frobnosticate.com
IM is just a faster form of e-mail, and (just like e-mail) it requires discipline not to fritter away the company's time "talking" on it all day. But there have been quite a few instances where my COO or a trainer shoots off an IM during a presentation with a question. IM is useful in that it is quick and discrete.
Listen you selfish malcontent, letting you put whatever the hell you want on the company computers potentionally puts the company and its directors at risk. When your P2P music crap, or cracked shareware linefeed-corrector gets noticed by the suppliers it can cause huge problems and expenses for the company just to satiate your little cubicle fiefdom. IT admins and directors need to worry about far more than just your "getting the job done" easier. The reality is there is a lot of damage and liability these days which can come out of users free-reign over the office computers.
Don't like it? Fine, resign and start your own consulting business. Then you can put whatever crap you want on your own equipment.
{ - Generic Guy - }