17 Comments

Summary:

Suppose you’re a mobile web worker who depends on constant connectivity to work effectively. You’ve got the dozens of web sites you visit for information, the social networks where you can ask a quick question, the IM services that hook you up with the rest of […]

ScreenshotSuppose you’re a mobile web worker who depends on constant connectivity to work effectively. You’ve got the dozens of web sites you visit for information, the social networks where you can ask a quick question, the IM services that hook you up with the rest of your team. And then you step into the building with a brand new corporate customer…and discover that paranoid IT policies have blocked off 90% of what you use on the internet.

Such is the situation facing WWD reader LJ, who writes to list some of the problems with these policies:

  • Instant messaging of any kind is blocked. Limits getting a quick answer from a vendor or someone who can advise me.
  • Picada and a couple of other online productivity tools are blocked.
  • Some standard news sites are blocked. Limits research capability.
  • Anything listed as online storage and social media is locked. For instance, I have networking contacts on Ning, Wetpaint, and Facebook, who I might need to contact for a scrap of advice to finish a task, but these are blocked.

We all know the problems. Here are some potential solutions.

Use a Dedicated Email Interface – There are a few companies out there whose business is making the functionality of web sites available via email. MoDazzle, for example, gives you a free email/text message interface to Facebook, LinkedIn, SalesForce, and more. Similar service NutshellMail (currently in closed beta) is designed to automatically send messages from your social networking accounts to your by regular email.

Use a Web-to-Email Gateway – Other services exist that can take just about any web page (so long as it doesn’t require a login) and send it to you via email. Web2Mail and WebToMail are two of these. I’ve had mixed luck with this sort of service, though; it seems that such servers are often overloaded, and so actually getting a message back can be a hit-or-miss proposition.

Use a Proxy Network – Ready to step up a bit in complexity? See if you can get out to the Tor proxy network. If you can, this should give you anonymized surfing to just about anywhere else. We’ve covered some easy alternatives for connecting to Tor, including OperaTor and various Firefox add-ons.

Build Your Own Proxy – If nothing else works, consider setting up your own proxy server. If you have a machine around that you can connect to via SSH, and you put a SOCKS proxy on it, you should be able to tunnel all traffic securely back home and then get to anywhere else via SOCKS. Put your SSH server on a standard port (like 443 or 21) and you’ve got a decent chance that it won’t be blocked. The FoxyProxy site has some good tutorials on setting up your own proxy server.

Skip the Network – You’re mobile, so why are you going through the corporate network in the first place? Use your EVDO or 3G connection, or see if there’s a coffee shop with wireless access within range of your temporary desk.

Deal with the Policy – Finally, we’d be remiss to cover this topic without pointing out that it may be a bad idea to deliberately contravene your client’s corporate policies. You should seriously consider sitting down with whoever hired you to explain why you need access – and to point out that it’s going to cost them more to have the job done if they insist on crippling your work. It’s entirely possible that the corporation already has a procedure in place to open up access for those who truly need it.

Do you have any tips of your own for dealing with corporate internet blocking policies?

photo credit: stock.xchng user valike

  1. Why bother relying on the client’s network at all? When consulting on-site, I always use my own EVDO card to connect to those services that I rely on for *my* business. I only use the client’s network for the work which I do for them.

    Share
  2. When working on-site at clients, we would use logmein or gotomypc to connect to our desktops from within the client’s network. Since it’s all browser-based, it let us through without a problem. This worked well for e-mail and most other things we needed external access for. For IM services, we just used Meebo, since that’s also completely web-based. Generally anything web-based is the way to go, since IT policies typically lock down other port numbers, but almost always leave HTTP services alone.

    Share
  3. I’m with Kimberly. If access to my external services is critical to my conducting business, I make sure that I have that access without relying on anything from my client.

    Using any means to bypass their restrictions without their knowledge is counterproductive to the relationship that I build with them.

    SB

    Share
  4. Talk to their IT administrator. Most of them deal with internet-policy related requests all the time, and if you can make a justification for allowing access to certain things, it’s not that tough for them to allow you into those sites.

    Corporations using the more expensive blocking software will have most proxy servers locked down, although setting up your own is always possible. However, the IT admin can see where you’re going and if they figure it out, they definitely aren’t happy about it.

    Share
  5. Any IT admin who is locking down the network but letting unknown machines onto the network has no idea what they are doing. Letting an unknown client onto your network is far more dangerous than letting people send IMs.

    All my corporate clients are on one network with a strong firewall and full content control. We have a separate network for clients, vendors, etc… who are free to connect when they are in the building. They get no firewall, no filtering and no access to our internal resources. They are free to do whatever they want because they can’t interact with my corporate clients.

    Share
  6. The last one is the best option. Think of this beforehand so everything can be arranged. Also consider the option of asking for an internal account and machine. Sometimes you also need internal (VPN) access which is only available for “internal users”. Go through the red tape and also use this time spent with IT to build bridges. It doesn’t hurt to show appreciation and interest for what they are doing.

    Share
  7. I wrote about these very same issues a while back. The most logical solution for any modern road warrior is a mobile broadband (EVDO/Edge) adapter. If connectivity equals productivity, this seemingly significant investment can provide the networking you need. Most mobile workers don’t have a genuine need to access a client’s internal network. This just makes everyone’s life easier. It’s also likely tax-deductible as a business expense.

    Share
  8. @ax0n
    You will have the need if whatever you work on for the specific company runs on secured internal servers. If this is not the case then the LJ in the article needs to ask herself why she’s there in the first place.

    Share
  9. SSH tunnels to the rescue!

    Apart from being very handy on networks with limited connectivity, you also get the added benefit of being able to secure your communication while on unknown networks :-)

    Share
  10. If you’re working for the company as an employee it’s something you have to deal with, it’s part of their policy. If you’re freelancing and working onsite for them, ask the IT administrators to set up an account for you to login or a seperate group with not as much restricted access. If neither of those are your cup of tea, get mobile internet.

    Share
  11. I’d say that VPN helps to to get around Internet blocking.

    http://blacklogic.com

    Share
  12. Just use remote desktop and remote in to your home PC.

    Share
  13. Also you can use something vpn service to unblock blocked resources. It’s more stable then proxy, TOR or something else. Due to traffic encyption you can prevent traffic monitoring

    Share
  14. NutshellMail provides a compliant and non-technical way for users to access personal email when blocked at work. The service works by sending recurring email Updates to work email address. The Update provide a snapshot of all new messages that have arrived in your various email and social networking accounts. Through the Update, you can select for any message to be forwarded into your work email account. Because the Update and any message forwarded are sent like any other email, they must pass through your company’s internal mail servers. Consequently, the service is compliant with all government compliance standards and most corporate IT policies.

    You can check out NutshellMail on Forbes.com at http://www.forbes.com/video/?video=fvn/tech/km_nutshell091108.

    Or visit the site at http://NutshellMail.com

    Share
  15. Here’s another suggestion. If you have a computer and internet connection at home, use remote desktop or VNC to operate your home computer. You can set up an ssh server on the home machine and make it listen on any port that goes through the company firewall then tunnel your remote desktop or VNC through the SSH connection. Not only can you then operate the home machine to do what you need to do but it’s an encrypted connection and it would be tough for corporate snooping policies to see what you are doing on that home machine.

    Share
  16. GoVPNGo http://www.govpngo.com offers free VPN accounts as well as paid service. With web panels to configure IP types and server locations freely. Anonymous browsing; Instant setup; Surpass web barries and restrictions on corporate network.

    Share
  17. Every day more and more people want to protect their privacy on Internet. Governments around the world put different kind of restrictions on Internet connections of their citizens. VPN is solution for all that with which you can bypass all restrictions and protect your privacy. Many expert predict that VPN is future of Internet freedom.

    Share

Comments have been disabled for this post