Please-options 4 limiting staff's internet access

Our boss is a bit of an optimist and believes that his staff have enough strength of character to self-monitor their personal internet access during work hours and keep it to a bare minimum.*sigh*We get reminder of this trust issue, but some staff are hooked on Facebook and *ahem* Trade Me MBs!

Another department associated with our work stops all personal internet access on the computers at each desk, but allow one communal computer to access the social networking sites.I was wondering if there are any other options such as this compromise, that the boss can consider, so that it's not just a choice between no personal use, or open slather?

geek_marcusdidius, Oct 7, 8:01 pm

geek_ferita, Oct 7, 8:08 pm

Mmm, our IT dept did reports for us last year, but the boss still didn't want to directly point the finger at the particular staff that were going through heaps of websites/pages.

I was wondering if there was a way to allow access only during certain times of the day?Say only in a half hour window at lunchtime?

geek_marcusdidius, Oct 7, 8:12 pm

Set up a dansguardian proxy server, with a cron job that enables access to non-work related sites just before scheduled breaks and turns it off again afterwards. You can also use this to prevent access to 'completely inappropriate sites' from work, automatically scan downloaded files for viruses, and as a bonus you'll also get a squid proxy on your LAN that speeds up access to the most popular sites and keeps your overall traffic down slightly.

http://dansguardian.org/

geek_little_egypt, Oct 7, 8:12 pm

tell your boss to harden up.
They are there to work not piss around playing facebook

geek_ferita, Oct 7, 8:20 pm

I fully intend to, ferita.But it always pays to have a clear solution to present to a man, to soften the blow.

geek_marcusdidius, Oct 7, 8:22 pm

Thanks, that sounds like the solution we need.

geek_marcusdidius, Oct 7, 8:26 pm

Why not just install squid without Danguardian since you can set time-based ACLS?

geek_jayc2007, Oct 8, 12:21 am

Is there a productivity problem?

If there isn't leave them the hell alone.

geek_-mung-, Oct 8, 12:28 am

no tell your "boss" to get some balls he's paid to be a manager so manage, sorry pet hate of mine everyone else has to be retrained etc because a few idiots cannot do what they are supposed too.

geek_foxray2000, Oct 8, 9:04 am

Nothing wrong with directly pointing the finger.Handing out formal warnings aren't out of the question; a solid attack on it now can change the culture of what is acceptable and stop it being a problem both now and in the future.
If you block Trade Me or Facebook then the peeps might end up discovering there are other website.The problem isn't the internet, but the employees.

geek_cybertao, Oct 8, 9:15 am

+1 for squid, mutli platform too so if you CBF running/learning anything about linux and have more dollars then sense you can put it on a windows box.

geek_damon3, Oct 8, 10:20 am

presumably you go to work to achieve a certain result. If you achieve that result then internet use isn't a problem. If you don't achieve that result then internet use isn't THE problem.

Arbitrarily changing crap for no particular good reason p*sses good workers off (and they leave). Lots of people have an inner control freak. Leave it at home, it's not wanted.

At no point does the OP say that there is actually an issue with work getting done, just that people are using personal sites a lot. If they can do both, let them, they are adults.

geek_-mung-, Oct 9, 3:44 am

Totally depends on the workplace. At my work I have restricted some peoples access to some sites, some to all but the required sites and other let them do their own thing.

As far as people getting resentful over being restricted. The workplace owns the hardware, the network and the bill for internet at the end of the month. If an employee feels that they have a right to be paid to sit on facebook chewing through bandwidth with the stupid games or watching youtube videos, let them get disgruntledas they are queuing up for the dole at least they wont be all sour at work with the grown ups who can manage work time against personal time.

geek_jcmp21, Oct 9, 4:24 am

We can't get facebook, Google Earth and TM is shut down between 08.00 - 17.00 - it was consuming 30+% of the (big) company's bandwidth!!

geek_fishb8, Oct 9, 7:48 am

Some people will never be a boss. Behaviour like that and you will be looking for another job.

geek_jcmp21, Oct 9, 12:05 pm

Are you the one paying the bills at your company. I'd hope not with an quote like that. If that can spend an hour or two wasting time on FB and TM surely they could be doing something a hell of alot more productive. We banned those sites a few years ago, as they were over 50% of all traffic. With over 400 PCs, it doesn't take long to rack up a whole lot of lost productivity.

geek_damon72, Oct 9, 2:52 pm

you should be working not piss farting around on the net.
your paid to do the job your not paid to surf the net.
you can get laid off for not doing what is required by you,
by your contract alone.
so get on with your job get home and use your pc there, not your employers time and bandwidth

geek_vampire10, Oct 9, 4:23 pm

So people can't be trusted to monitor their own internet usage?

geek_badcam, Oct 9, 4:37 pm

It depends entirely on the company, the type of employees, and the kind of people you have managing them. At the end of the day though the computer and internet connection are provided by your employer so you can get your job done, not so you can goof off on facebook and youtube all day. If they're blocked, it's not going to kill you to wait until you get home to get on them! Or ask your boss if they can be unblocked during designated break times (which is quite easy to set up on a Linux box using a cron job)

geek_little_egypt, Oct 9, 4:51 pm

I can't disagree with that.

geek_badcam, Oct 9, 4:57 pm

Yup I agree I guess it does depend on the company. Bandwidth use is a good reason to restrict it although I was thinking low-bandwidth pages, not p2p or much youtube.

But "you should be working" as a reason alone is a control-freak reason. If employee X produces excellent results, you don't mess with them. What, you wanna replace them with employee Y and Z who aren't nearly as good simply because they don't browse the net? Good luck.

geek_-mung-, Oct 9, 5:10 pm

No, especially when huge bills can be accumulated, malware can be introduced to the network, and liability can be placed on the workplace for the actions of any employees.

geek_jcmp21, Oct 9, 7:16 pm

While you're at it you might as well disable the soundcard, optical drive, USB ports, and tell all your employees you only trust them as far as you can see them.

geek_cybertao, Oct 9, 7:20 pm

I know of a place that used to allow unrestricted browsing until one person was spending the day between poker sites, facebook, trademe, msn and ICQ. After a month of that person being there the internet bill was $1400 over the normal amount so everybody that was responsible had it ruined by one person. That $1400 didn't include the cost of the cleanup after the malware he introduced into the network along with the downtime of everyone else. If you put yourself in the owner of a businesses shoes and imagine you had a builder come over for an hour and he was texting his girlfriend for most of the time, did the job then billed you for a whole hour would you think its a bit off that half the time was paying for him to text?

geek_jcmp21, Oct 9, 7:25 pm

Well if he was billing me by the hour then... well actually I probably wouldn't know because I'd leave him to it, and if the job was done properly I'd never find out.

Why have one person ruin it for everyone else if that one person is identifiable?

geek_-mung-, Oct 9, 7:49 pm

I do get your points though, and if they are for practical reasons then fine.

I'm just a bit edgy about the slightly fascist tendencies of a significant portion of the population when given any sort of power and that's what I was reacting to. It gets on my nerves.

geek_-mung-, Oct 9, 7:51 pm

Personally, I think employees can be allowed to be responsible for their internet usage. I've never seen the need to go to extremes and block sites. I can see why some businesses do so, but that to, is more an indictment upon Management's ability to make sure their staff practice safe and responsible surfing. People don't need to be treated like little children in the workplace.

geek_badcam, Oct 9, 8:14 pm

A previous employer I was with for 5 years didn't restrict sites as such so TM was available. What they did was lock out download of certain file types, such as .avi, .mpg, .divx, .mp3 etc, from 8am to 7pm and this kept the bandwidth to an acceptable level. This was a network R&D multinational, so the IT staff were on the ball. We all knew our browsing was an open book so we saved the downloading for home. Result was good productivity and happy staff.Change of corporate direction and shift in development focus from hardware to software meant time for a change, but I'm still on good terms with them.

geek_flockton55, Oct 9, 8:19 pm

I've bumped this old thread cos I want to ask those that were opposed to the blocking of sites - do you feel differently if the staff are public servants ie government workers funded by the tax payer?

geek_marcusdidius, May 6, 10:43 pm

We use webmarshal at work, its pretty good. It has default list of blocked sites and does auto updates. You can limit per user etc and even pick a monthly data limit. One site I know of you get 200mb of data, anymore than that your manager is alerted, go over 500 and you have to explain to your manager why you need more data (large site with semi skilled workers)

geek_pyro_sniper2002, May 6, 11:03 pm

Interesting comments. No you can't hope users will "do the right thing" - FaceBook and YouTube are a total pain to network admin and the company ($ and lost productivity). The company owns the network. Think of it like a company car. They give u a car - for work use and I bet $ that all companies have a policy the employment contract that outlines their usage of it - must be kept clean etc. All employees should sign a Internet Usage Policy. Also - as mentioned - the employer is responsible for anything over their network - much like if you are a tool in the company car flipping the bird or burnouts. Reasonable use is hard to determine - some will go on and check emails - browse TM - read the Herald - pay a bill - all OK by me. Others I can attest to spend 6 out of 8.5 hrs a day on FB. They "seem" to be doing their job but these ones are the ones who you can't measure productivity - eg; receptionist or order entry clerks.

I am all for reasonable access - but if they want to goof off on a huge level - send them to Macca's. Wait till they get home or whatever. If YOU owned the network wait for the day half your comps are down with MalWare and u are piddling about restoring stuff. Or your ISP says you are locked out cause of Torrents or P2P (both actual cases I have experienced) or SPAM relay or when some moron has d/loaded BluRay ripped pirate movies and stored them on your Server and your backups fail.Or when the internet bill is 6x higher then normal. And when the boss kicks your a$$ say "of course our staff can manage their own internet usage - can I get a reference Sir?".

ClearFoundation will handle all the duties mentioned. Along with time limits.

:)[flame suit zipped up]

geek_groovebox, May 7, 12:24 am

Same its a good a tool that.

geek_johnf_456, May 7, 12:26 am

I spent about three hours yesterday (over logmein, so no safemode scans which makes life a bit harder) dealing with some malware infection on a work laptop. The owner was very stressed because it's important for their business that they can use the laptop..

but obviously not that important because the kids were using it at home and installed limewire, bearshare, imesh and ares on it (yes, all four!) to download music.

geek_little_egypt, May 7, 5:39 am

MMmmm, the higher managment want to maintain a profile of being progressive with up-to-date dialogue with clients via things like Twitter, Facebook etc so no blocking of sites will happen, but I appreciate everyone's comments.

I still would be interested to know, as per post 33, do you feel differently about staff using social networking sites if the staff are directly tax payer funded?

geek_marcusdidius, May 7, 8:01 am

I think there needs to be a bit of give and take - if you have an employee that won't work one extra minute and spends time on the net then there is a problem.But an employee that gives a bit back should be allowed some "flexible" time even if it is for social networking - no different to personal calls in the "old days".Public Servants - no difference to me.

geek_anne74, May 7, 8:11 am

No, no different. If they get the job done then who cares.

geek_-mung-, May 7, 8:14 am

But it's interesting the line of logic I see EVERYWHERE that so many people follow. Girl walks in front of bus while listening to ipod - blame ipod. Man goes on shooting spree while on some drug - Blame/outlaw drug. Dickhead downloads malware on computer. - Lock down internet.

See a pattern? Treat the goddamn cause - the idiot involved, not whatever the used to commit their offence with.

geek_-mung-, May 7, 8:28 am

""Treat the goddamn cause - the idiot involved, not whatever the used to commit their offence with""

Well that is why web filtering and monitoring is needed - how do you know who has done what? That's why you need a report - "Mary you seem to be spending a lot of time on FB - why?" "No I am not!" - "Here Mary here is the report that says otherwise".

Same with those companies who have GPS in vehicles (tracking) - you can use the vehicle for whatever you like after hours within reason (case by case basis) BUT within work hours we will monitor you.

If they get the job done then fine - I promise you tho that if someone is at work for 8 hrs and spending 6 hrs on FB then either they don't have enough to do (eg; downturn in economy but Mary still seems to be SOOOOO busy furiously typing away) or they are palming off their work somehow.

I agree it is a total pain and 1984 - but I personally see the $ and the hours some people fritter away while others are genuinely working. And it is fast becoming a "right" to do FB at work.

As for social networking as part of work - eg company has Twitter or FB - as is becoming common now - I am guessing that the people posting stuff on company's behalf and time are above reproach.

geek_groovebox, May 7, 8:58 am

that would be a bit excessive, 6 hours...

BUT I'm interested to know, how is this stuff logged? I can imagine the logs don't tell the full story or make it look worse than it is. Pages that auto-refresh and users who just open links but then don't find the time to actually look at the links.
Forum use I imagine would look particularly bad compared to the reality.

geek_-mung-, May 7, 9:02 am

Squid is a reasonable logger but would not stand totally up in a court / employment court. It is not detailed enough - or it is too detailed and looks worse then it is.

But I have Squid reports for a single user where they have visited 492 unique sites within 4 hours of being at work...

Yes the Squid logs lack depth - and you have to be wary as even though they were on a porn site they may have just had the site in the background while they were working.

Use a "Mentalist" approach - if the worker goes VERY quiet and making small mouse movements - intently looking at screen - laughing every now and then... it's a sign...

Please know I am no saint and would LOVE to have everyone be responsible for their own browsing.

Think of it this way - before OSH and ACC - people could wander around the warehouse or whatever, As soon as employers were getting fined for injuries - bammo - high viz vests - visitor log books - security camera's - safety guards and so on.

Poor old warehouse manager has to do all sorts of training and keeping documents and so on and I know he hates it.

I reckon - company has Internet Usage Policy that people sign - examples on the web - then a clause in Employment Contract that says "fair use is OK but over use is not" and then refer them to the Policy. If Mary is doing her work efficiently and well and playing on FB for an hour or cruising TM then fine. But if John is spending all day on red tube or d/loading pirated movies and is a lazy bugger - why should he get a free ride?

Anyhow - everyone has the net at home...

Oh yes - I still run some old call accounting software to track the volume of phone calls - duration and number called... As do a lot of companies.

And then you have the "PIN number" color p/copiers... Mary's mom is copying 250 full color A4's of Mary's graduation or John's soccer teams party.

geek_groovebox, May 7, 9:28 am