\"D. Clyde Williamson\"
> Point two, if you simply block the protocol without training the
> users, what makes you think they won't simply find another
> communications protocol? Java chat on a webpage perhaps? Equally as
> bad, harder to find.
I know this is an awfully elitist view, but users are usually not that
bright. The average user will say "Oh, I can't use MSN, I guess I'm
hosed" without ever considering IRC, for example. (Which is what I use,
but never mind that.) So you WILL stop 99% of the people from using a
chat by blocking MSNM and AIM.
> > b) The general user community tends to feel that access to a system requires
> > use of that system. Hence, they try to connect to their family members, long
> > lost girl/boy friends, childhood companions. (and their managers query me,
> > 'what happened to productivity?')
>
> Tell the managers to deal with users who lose productivity, that's
> their job. If they think it's a problem, they need to talk to Human
> Resources. Again, blocking this won't boost productivity, they'll
> simply find another route. HR knocking a few heads together 'will'
> improve productivity.
Sure, for a while, but they'll go back to it eventually. Blocking it may
still be a good idea. I do not, however, advocate blocking it without at
least issuing a memo explaining why.
> > c) As a complementary feature to b), they now hold an EXPECTATION that the
> > services (which I do not control) must be available for them or it is a
> > minor disaster! ("I can't do my job!").
>
> Again, this isn't a reason 'to' block. It's a concequence of
> blocking. If an employee is treated like a moron, and not told 'why'
> something is good or bad, then of course they're gonna be upset. Being
> open with employees, teaching employees simple security stuff, and
> letting management/HR do their job, makes for happy employees, and
> less headaches for you.
Some employees refuse to learn; We have that problem here, and we don't
even have all that many employees. Also, this is closely akin to the web
filtering [root cause] issue; Parents feel helpless because they don't
have any way to stop their children without seeing "nasty" things on the
web, which is what a filter is all about. This is similar, except we're
filtering packets rather than URLs. Whether either of those things are
doomed to fail is outside the scope of this email.
> > These are the reasons I am willing to block and forbid access to these
> > services and ammend usage/security policies to match the reality of life.
>
> BTW- Your electronic policies should only be electronic copies of your
> 'physical world' policies. So unless you have a policy that all phone
> calls are blocked, unless they are for business, then you're setting a
> double standard. Very yuchhy.
In most company handbooks there is a rule saying that the phones are for
business or emergency calls only. This is rarely enforced, however;
Still, it's there predominantly for liability purposes. So most
companies do in fact have such a policy. The difference is that there is
no way to determine programmatically [yet] which calls are
business-related and which are not; Making that determination requires a
human.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
