Comments on: Corporate Web Site Blocking & Monitoring: Best Practices?

By: Deborah Fike

Deborah Fike — Tue, 02 Nov 2010 18:39:57 +0000

Different people work at different paces. Why bother making sure they’re working exactly 8 hours a week when you can assign them tasks and measure on output. Output is a much better measure of productivity than “time not spent on the Internet.”

By: Jim Hayes

Jim Hayes — Mon, 26 Apr 2010 00:22:56 +0000

Hi Tony - My company is going through these discussions and your post was helpful. I would like to setup a process where each team member can see their own internet usage data as other members of their team (promoting transparency).

Are there a few solutions for actually performing the monitoring that you would suggest?

By: RevenBlog » The Airtight Inbox: A Day In the Life Of an Email Productivity Evangelist

Sat, 28 Nov 2009 06:25:10 +0000

[...] and distractions until noon. When I turn on its nifty “Get Focused…” feature, it actually blocks distracting sites from my web browsers, without needing much customization. (Disclosure: RescueTime is backed by True [...]

By: The Airtight Inbox: A Day In the Life Of an Email Productivity Evangelist

The Airtight Inbox: A Day In the Life Of an Email Productivity Evangelist — Wed, 25 Nov 2009 21:02:08 +0000

[...] social networks and distractions until noon. When I turn on its nifty “Get Focused…” feature, it actually blocks distracting sites from my web browsers, without needing much customization. (Disclosure: RescueTime is backed by True [...]

By: ravi

ravi — Sat, 03 Oct 2009 18:27:26 +0000

Eight hours a week!!???!!! Are you nuts? If I pay someone to be at work i expect them to be working. Eight hours a week of goofing off is OK? Now I’ve heard everything

By: Boracay

Boracay — Tue, 08 Sep 2009 00:38:29 +0000

I think this is a definitive guide for all of us. Not only for our superiors but also, for those who work a lot online. This article can also impose a great self discipline.

By: The IT Skeptic

The IT Skeptic — Tue, 01 Sep 2009 06:19:06 +0000

Eight hours a week!!???!!! Are you nuts? If I pay someone to be at work i expect them to be working. Eight hours a week of goofing off is OK? Now I’ve heard everything

By: web design best practices

web design best practices — Tue, 01 Sep 2009 05:42:54 +0000

And thanks to this post, I know what I’m going to do with my portfolio listing.

By: Tony Wright

Tony Wright — Mon, 24 Aug 2009 16:38:08 +0000

So I assume you’re against the concept of timesheets? Or are those okay because employees can fudge the numbers a bit? What about timecards?

And the concept of expense tracking? Surely team members should be trusted to spend corporate funds wisely, right? Should we stretch that to government? Can trust our civil servants to spend our money wisely?

Time is the most scarce resource a business has. Getting reporting on how people spend a resource isn’t evil, if done correctly… And it’s not necessarily a signal that you don’t trust your team (especially if the team can see how the manager is spending their time!).

Transparency like this has some pretty radical effects. People who don’t know what they should be working on seek out productive stuff to do. People who are leisure surfing don’t hastily alt-tab to Excel when the boss walks by because they’re confident their data is out there. People who work odd hours don’t look like slackers. People who aren’t necessarily good at APPEARING productive/focused no longer pale next to those who do. Workplace camouflage is no longer rewarded.

Putting the truth out there isn’t a force of evil– hiding the truth IS. But obviously, an evil/small-minded manager could do considerable damage with spyware-style monitoring tools.

By: Chris Dean

Chris Dean — Mon, 24 Aug 2009 16:13:25 +0000

-1

It’s hard to see this as anything but evil. If you are required by regulation to monitor activity that’s one thing, but anything else shows a distinct lack of trust that will only be harmful in the long run. If you treat people like criminals, they will be behave like criminals.

I have no doubt that there is a market for these products, but I for one would never buy any for my company.

By: Breetai

Breetai — Thu, 20 Aug 2009 23:41:34 +0000

I’d be willing to bet a tool that shows the employee how much time they’ve spent on the web would be 10 times more effective than the managers doing the monitoring. Most of the time people just don’t realize it.

By: Tony Wright

Tony Wright — Thu, 20 Aug 2009 23:03:59 +0000

That’s a really good point– security is no small reason for the existence of blocking/monitoring technology.

But, short of artificial intelligence, how could you possibly allow them access to social media / web 2.0 sites yet NOT allow them to misuse those services in a way that is detrimental to the company?

And a broader question– how much are you paying for that security? i.e. if I could make a case that your security was causing a 10% reduction in employee performance/output and a 8% increase in annual employee attrition/churn and was a major reason why high-performing people aren’t taking jobs at your company, is it worth it? What if you double those numbers? I suppose it depends on the potential damages that a leak could cause.

By: cybertactix

cybertactix — Thu, 20 Aug 2009 22:24:46 +0000

You make a reasonale case if you believe the sole focus is productivity, but for many firms productivity isn’t the primary reason for blocking, its data leakage. In this day and age a growing number of firms don’t make physical products, they manage data… corporate data, customer data, PII… and the real danger is that employees take the security controls implemented in the work environment for granted. Great security should secure data while minimally interfering with or even enhancing user’s workflow (although that is seldom the case). The problem is that for user’s in companies where data security isn’t a part of the culture or who aren’t security concious/aware, security is thought of as a hinderance to doing business and users either look for a way around existing controls or don’t give any thought to the implications of posting comments or information on convenient WEB 2.0 services. I spend a considerable amount of time each day answering user queries about why particular web sites are blocked and in 98% of the cases once I am done explaining why we don’t allow users to access the site (backed up with examples or scenarios of how misuse has or can cause data loss) the comment back from the user is along the lines of “now that you’ve explained it I understand why the site is blocked I’ll use the service the company provides”.

If providers want companies (not just users) to embrace services on the Internet then they need to build in functions that allow companies to extend their corporate security/controls/processes into the data users may put on these services rather than ignoring corporate security needs and embracing only user ease of use and functionality.