Brian J. Murrell wrote: > > Sorry, "company policy and rules" are not enough - sometimes you need >> to take steps to enforce those policies. > >Are these adults you are dealing with or children? > >I guess the general question is why do you care what people are doing on >the Internet (assuming the activity is not illegal or immoral to >humanity or the company policies) if they are doing their jobs and >meeting their targets? > >When you treat people like they are children they are going to resent >that and that damage is probably far worse than a few idle moments >chatting or surfing.
I agree 100% with that, but ... there are situations where traffic does need to be controlled. Three reasons come to mind : 1) There are big security questions. Whilst this still comes down to "do you trust your users, and if not then why are they allowed on the network", when it comes to things like military or nuclear information (I've had dealing with both) then people get 'rather sensitive' about what the network allows. However, once you get past a fairly low level then this sort of stuff tends to be on 'non connected' networks. Oh yes, and in the past I've had 'interesting' dealing with old fashioned 'security' people who cannot get out of the old mindset of 'steel mesh cages and big locks' ! 2) There are regulatory controls. For example, in financial services industries in several countries there is a legal requirement to log all communications with clients - so if a user goes off and chats with a customer (or potential customer) via IM then it can land the company in the brown stuff. Another example would be privacy legislation which in some cases effectively requires the company to log what it has done with someones personal data. 3) Because the auditors said so and management are too clueless to query them ! At my last job we came under Sarbanes Oxley because we were a subsiduary of a US group. The auditors used to come up with various things they 'expect' to see on the computer systems - some of them really didn't make sense for us, but the management just said "yes we'll do it". We then got the job of implementing it - except where we could turn around and say that the system doesn't support it (and I could have told you that if you'd asked) or it really isn't a good idea because it <insert reason, usually it breaks something else> (and I could have told you that if you'd asked) ! The problem with IM is simply that it's adapted to get through firewalls that have tried to block it, but some people really do need to block it. ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
