2000-02-28-15:03:58 [EMAIL PROTECTED]:
> Far from raining on the parade, the faq response you reference
> ignores both the technology available to solve the problem and the
> human resource issues facing most companies today.
No, it states the reasonable position that knowlegeable
practitioners understand and work with. Sadly, it sn't favourable
for your product, but hey, that's life. In the future, it would be
good, at least for avoiding this specific issue, if you tossed a
disclaimer up at the top, explaining that you work for someone whose
products are being criticized here.
> There may not be a problem in academia, but there is a very
> real problem in many corporations. We've had clients who have
> discovered employees spending four hours a day surfing porn on the
> company dime. Same thing with games and gambling.
How is this different than the same idiot employees bringing
in books or magazines to read, or games to play? Do these same
employers search them on the way in and out every day looking for
such non-work-related contraband?
> Now with pay-for-surfing portals, companies are starting to see
> employees spending hours making money using the T-1 to surf
> instead of doing their jobs (see ValuePay.com, SurfRewards.com,
> CashSurfers.com).
I've known employees to use the company telephones to conduct large
amounts of private business, at least briefly; they didn't remain
employees for long. Amazingly, this didn't require special analytic
systems in the telephone switch, either.
> Companies that are concerned about workers spending too much time
> on recreational surfing, have a right to limit how their network
> is used.
Sure, but is that a good idea? Yes, it will catch people who don't
take the trouble to sidestep the screening software.
But it's far, far better to treat the problem as what it is, a
people problem, and not try (and fail) to kludge up a technical
fix. If your employees are insufficiently productive, it doesn't
matter whether it's because of recreational use of the WWW,
reading a paperback in their cubicle, or just napping. Or even
just being slow, inefficient employees. If you care about employee
productivity, find a way to determine whether you have enough, don't
waste time trying to pick off one particular loss point, ignoring
all the others, and pretend it's somehow different in kind. Better
still, if you do have productive employees, don't worry about
whether they spend some time doing things with the internet that are
perhaps not specifically work-related; could be anything you do may
hurt the productivity you're enjoying. Instrument the productivity,
don't waste time attempting to find one particular thing that might
detract from it.
> Companies have a legal responsibility to prevent their network
> from being used to display non-work related material that may be
> offensive to co-workers.
Yup. One possible source of such material is the internet, and some
fraction of the dumbest employees would be blocked from getting at
such stuff by screening software.
Far, far better to simply instrument what everyone does, and
advertise widely that the instrumentation is directly visible to
anyone and everyone. Put a simple proxy in place, digest its logs
into a database, and provide a nice CGI so anyone can ask who
browsed any URL containing a string, and what URLs any user
downloaded.
> Civil libertarians have a real problem with this, unfortunately,
> they usually hire the same lawyers who are suing corporations for
> fostering hostile environments by allowing racist, sexist or other
> offensive material to be displayed in a browser or forwarded in an
> e-mail....
This isn't a civil liberties issue, it's a management issue.
> The best solutions available today are a combination of content
> filtering on the content of the pages themselves (there are
> several applications out there, including ours), coupled with a
> clear corporate policy on appropriate use of network resources.
I do like some kinds of content filtering; I definitely favour e.g.
http proxies that strip out all java, javascript, and active-x.
Enforcing appropriate use policies, though, that's a breathtakingly
stupid thing to do in code. Use people, they're better at it.
> The company is also better served if it is prepared to manage
> its employees. Simply blocking access with a block list or an
> appliance doesn't change behavior, it even presents a challenge
> to the more technically inclined. But the technology exists to
> provide feedback to managers, and allow them to tell employees to
> knock it off,... before a small problem becomes a big problem.
Yup, in fact the block list and "inappropriate content screening"
are a bad idea, and the only useful part is the information
reporting. And that's well done with off-the-shelf open source
components.
-Bennett
PGP signature
