> As the security admin for a large law firm, we recognized that content
filtering packages were not going to be as effective as logging and policy
enforcement. But we had to include it more from a "due dilligence" perspective
as opposed to stopping any prohibited surfing. In the event of a law suit we
have to provide evidence that we have done all we can to prevent this type of
access, and the few thousands of dollars to implement it, could save much much
more in the event of a suit.
>
> So, basically, the content filtering people make alot of money off the fear
getting sued!
>
i'm curious - consider two content filtering stances - (btw, geek here
- not lawyer):
a)
"we log all internet access. internet access is for work related material
only. violations of this policy will be dealt with. the company is not &
cannot be held responsible for content."
vs one which states something like:
b)
"we log all internet access. internet access is for work related material
only. violations of this policy will be dealt with. the company will do
its best to filter non-work related content by employing filtering
technologies."
which stance is more at risk from legal action by an offended employee
who happens across an offensive site which would have been blocked by stance b)
had the company provided adequate resources to keep the filtering technology
blocklist up to date? i.e. adequate sysadmin resources?
cheers,
pauline
Pauline van Winsen, Senior Technical Consultant [EMAIL PROTECTED]
eServ Pty Ltd http://www.eserv.com.au/people/pauline.html
"Another matter which must be left to your escort in restaurant dining
is any communication with the waiter. If you want something that is
not on the table you never ask the waiter direct, but ask your escort
if he will ask the waiter for it."
Dining Out - Book 3, Woman's World, circa 1964.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
