[techtalk] Bad surfing habbits part two
Liese
liese at pandora.be
Sat May 26 18:57:29 EST 2001
Hi,
Thanks to everybody for your replies. I've bundled some of the things, but
its still long.. sorry for that..
Mark wrote :
"Get each user to read, and sign, a computer usage agreement
contract. This says that work facilities will only be used for work
purposes, and though reasonable allowances will be made, downloading of
objectionable material is strictly prohibited and suitable warnings,
followed by dismissal, will be the result of a breach of this contract."
We did this but some people simply refused and we had no support from upper
management so we cant *make* people.
We also found out that such a document is - legally i mean - worthless. It
does not give us the right to check surfing (and email) habbits, it doesnt
even give us the right to fire someone when they ignore it.
"a possiblity also includes suspension of internet access; if this makes
the users job impossible to perform, thats a fairly good motivator to not
break the rules / risk being sacked for inability to complete their jobs"
Once again no support from upper management. If we lock down internet
access the user complains to his boss, his boss complains to mine and I am
told to enable it again because this users cant work without.
Paul wrote :
"Not really wanting to plug any commercial products but it does sound like
the only way would be to stick in some sort of filtering proxy that uses
content-based filtering.. "
I have been thinking about this too.. However, surfing is only one part of
the problem, email is another. But I'll look into "surfcontrol"it sounds
interesting.
Keith wrote :
"Privacy concerns aside, if the Company owns the System, then System Rules
should not fall under the section of Law concerning privacy."
Ah, but they do.
As far as i understand it we are alowed to keep track of how many mails a
user sends or receives, but we are not allowed to keep logs of who the mail
is from/to and what is in the body. However, it is very hard to check if a
mail is work related without checking out the body.
The same with sites, we are alowed to track which sites are visited and how
many times, but we are not allowed to track which users visits which sites.
James wrote :
"If I understand you correctly, the problem is not the content they are
downloading, but the fact they're using a large amount of bandwidth to do it?"
Actualy its both and none. :)
What I mean is : i dont really mind that users sometimes surf a little or
send some emails with funny pictures in. I dont mind that some people cant
start a working day without seeing some "meat". People are people and we
spend enough time at our job as it is.
What bothers me is that some users don't know the limit and what really
bothers me is that uppermanagement AND the government take way any power
you might need to keep those users in line. And leave you with nothing to
defend your system with.
And valuable resources like bandwidth, diskspace, my time (keeping track of
it all), their time (the work isnt getting done whilst surfing) , the pc
support team's time ( because they have to fix the consequences : virusses,
crashed computers, ...), security, ... are wasted.
"So if you can't filter effectively, what should you do? I'd look into
Squid's "delay pools" facility: this will allow you to restrict user
bandwidth quite effectively, allowing fast "bursts" but throttling big
downloads to conserve bandwidth for other users, and other useful things."
Thx, ill check this out..
"Setting your mail server to block some or all attachments could be a big
help here: if you do have a lot of mail traffic, attachments are probably a
large part of that. "
We do that allready, its part of our anti virus policy (and it has saved us
from morevirusses then our AV software). We block exe, com, bat, cmd, scr,
vbs, avb, html, xhtml, ... But we cant block jpg, gif, zip because some
people need this. :(
"Beware of driving your users to using a webmail service, though; if you
stop them using your mail system, they could switch to Hotmail or similar."
I have disabled Hotmail (and others) on our proxy server. This has saved us
huge amount of surfing time.. :) Really, some users were on this site for
more then 200 hours a month, refreshing often.
Walt wrote :
"How about a mass deleting of people's archives of non-work-related content
followed by a note that says <snip> "
Actualy we do that, attachments older then three weeks are automaticly
deleted and once a month my coworker runs a check on the attachmentsfolder
from all the computers from the netwerk and deletes "unnecessary" items.
But this is a slow manual labour which cannot be automated. (Files on the
c-drive are not backed up and so just deleting them would also delete
important fiels)
Anyway, I am glad that i am not the only one with this problem. I do feel
better..
After hearing some of your replies is is obvious that current laws are not
sufficient to deal with these issues, and not only in my country..
Greetings,
liese
Ps: im sorry for the occasional spelling error.. english isnt my native
language..
More information about the Techtalk
mailing list