If an organization has a policy that states, The Internet is use is for
Business Use Only. The organization then has to define Business Use (i.e.
no viewing of pornographic or sexually explicit material) That is all
nice and dandy. Once you state that in a policy, the statistics for
users viewing adult related material goes sky high.
Organizations are much better off mentioning in their organization policy
regarding Internet Use as the following: "Employees of XYZ organization
should not view material via the Internet that may be consider publically
offensive in nature to the general population of the organization" This
type of statement then allows the senior management team time to decide
what is deemed offensive or not. Just mentioning the word sexually
explicit could set off the Morality police in minutes or have the
employees scouring the state for money-hungry, ambulance chasing Copyright
type lawyers just in case the employee is caught with his/her hands
viewing "Well Hung Horse with Blond" or "Black Widow presenting Firewalls
101 in all her glory"
Again, if one wants to start maintaining a list of adult sites, then you
also have to create a block list for sites like : Gambling, Firearms,
Satanic Worshipers and maybe even Firewalls.. (The word Firewalls in some
people's mind can have sexual overtones)
In reality, one should really creating a HTTP/HTTPS service redirection
request displaying the following: "All Internet activities are logged and
some of the words from the Acceptable Use Policy", and make the user click
"Yes" I accept and understand the warning message and actions that the
corporation may take against if I view blah blah sites.. Then allow the
user out. The user has to make a conscious effort before they go "Porn
Surfing"
This type of quick hack also cuts down on the amount of administration
hours one must dedicate in keeping up with those pesky sites.
Finally, If the security consultants who set up the firewall for the
Whitehorse had only just registered .com, there would be one less sexually
related site on the WWW.
/cheers
/mark
"Eric Dencer" <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
02/28/00 01:19 PM
To: <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
cc:
Subject: Re: Preventing access to adult sites.
I agree completely. Especial with the last paragraph of what you are
saying.
Running a companies network is a lot like letting children on the
internet. You need to know what is going on. Just saying NO is not enough.
You need to have a clear and enforcable policy that prohibits that
behavior at work. You need to have TOOLS that let you know when those
policies are violated and you need to enforce the policy through dicipline
and expectations.
Eric
>>> <[EMAIL PROTECTED]> 2/28/00 >>>
Far from raining on the parade, the faq response you reference ignores
both
the technology available to solve the problem and the human resource
issues
facing most companies today.
There may not be a problem in academia, but there is a very real problem
in
many corporations. We've had clients who have discovered employees
spending
four hours a day surfing porn on the company dime. Same thing with games
and gambling. Now with pay-for-surfing portals, companies are starting to
see employees spending hours making money
using the T-1 to surf instead of doing their jobs (see ValuePay.com,
SurfRewards.com, CashSurfers.com).
Companies that are concerned about workers spending too much time on
recreational surfing, have a right to limit how their network is used.
Companies have a legal responsibility to prevent their network from being
used to display non-work related material that may be offensive to
co-workers. Civil libertarians have a real problem with this,
unfortunately, they usually hire the same lawyers who are suing
corporations for fostering hostile environments by allowing racist, sexist
or other offensive material to be displayed in a browser or forwarded in
an
e-mail....
You're right, if your solution is a low-tech block list, you won't solve
the problem. List based blocking *can't* solve the problem. There are
plenty more sites out there with pornography, gambling, or any other
non-work related content. And even the best block lists aren't keeping up
with the number or new, recreational sites being added each day.
The best solutions available today are a combination of content filtering
on the content of the pages themselves (there are several applications out
there, including ours), coupled with a clear corporate policy on
appropriate use of network resources.
The company is also better served if it is prepared to manage its
employees. Simply blocking access with a block list or an appliance
doesn't
change behavior, it even presents a challenge to the more technically
inclined. But the technology exists to provide feedback to managers, and
allow them to tell employees to knock it off,... before a small problem
becomes a big problem.
Regards,
Duncan Perry
Elron Software, Inc.
---------------------- Forwarded by Duncan Perry/Elronsw on 02/28/2000
02:16 PM ---------------------------
"Eric Dencer" <[EMAIL PROTECTED]> on 02/28/2000 12:39:47 PM
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
cc: (bcc: Duncan Perry/Elronsw)
Subject: Re: Preventing access to adult sites.
I hate to rain on the parade of the wonderful information. I suggest that
you all read the Firewalls-faq at http:\\www.faqs.org/faqs/firewalls-faq
Specifically section 3.12
If your employee want to get to those sites, they will activly find a way
to circumvent any filtering or blocking that you implement.
This is not a technology issue, more like a values issue.
Eric
>>> "Michael Enk" <[EMAIL PROTECTED]> 2/28/00 >>>
Hi all,
I want to prevent my internal users in accessing different sites,
especially
the adult sites like playboy and so on. My problem is that I do not want
to
look through the hole internet for this kind of sites. Does anybody know
if
a list exists containing information about all this sites. I could then
add
the sites into my host black list.
Best regards,
Michael Enk
IT Project Manager
GN Nettest A/S
Kirkebjerg All
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
