Martin McKeay

Security Matters

The dubious effects of monitoring surfing habits

In a previous incarnation, I ran the web traffic monitoring software for a major company. It was my job to make sure that the employees of the company couldn't get to sites they weren't supposed to and occasionally to run reports for the Human Resources department. The company's policy was relatively simple: no pornography, no hate sites, no gambling at work. They didn't monitor time online or have any automated reports to tell who was spending too much time online; they only asked for details if there was a problem. Having had that experience, I'm more than a little dubious of any claim by a vendor that their product is going to "make companies more efficient and effective".

It's pretty well documented that taking a break from time to time to let your brain digest what you've been working on is a good thing. Does it matter if an employee does this by taking a few minutes to read personal email or by going out to take a smoke break? After all, most people have worked with someone who seems to take a 15-minute smoke break every hour, so spending the same time at your desk catching up on your web comics can't be any worse.

The real issue has nothing to do with an employee's surfing habits. It's an employee's work habits that are the real issue, and overly controlling what sites they can visit and how much time they can spend online is just treating a symptom of the problem, not curing it. An employee who's going to shirk their work is going to do so one way or another; web surfing is just one option. Employers need to realize this and treat the problem at its source, making the employee realize that a certain level of productivity has to be met, not blame time spent on the Internet as the cause.

Restrictive surfing policies impact businesses in less direct ways that may not always be obvious.  Employee morale can suffer when seemingly arbitrary restrictions are placed on employees.  If you have these types of restrictions, make sure your employees know about them, why they're in place and the consequences for violating the policies.  Another problem, especially for IT and security professionals, comes into play when we're trying to do research.  There are few things as annoying as not being able to get to the site that has the answer to your technical question because it's been labeled as a hacking site by your monitoring software. 

Web monitoring is essential in today's networks, but it has to be a delicate balance between enforcing corporate policy and being overly restrictive. But more than anything, this monitoring should be a function of the HR department, not the IT department. Yes, IT may be the ones running the systems and configuring the monitoring, but it has to be HR that decides what is and isn't blocked based on corporate policy. Even more important, HR needs to be the ones running and controlling the reporting mechanisms, because any time you run a web traffic report, it's an HR issue. Giving these reports to managers without involving HR from the start can not only result in an inability to take any effective action against the employee, it could mean a possible lawsuit if handled badly.

What People Are Saying

My company had an employee

My company had an employee that was in charge of web access and it went to his head. He started by locking everyone out and then giving internet access on an as-needed basis. He was called various names at work which did not sit well with management because he was seen as all knowing. He considered everyone the bad guy except for a select few of administration people. We never had to worry about surfing because it didn't exist. Now that he has moved on, things have lightened up a bunch. It took more time and money to watch your back than allowing employees to surf!!

I have never liked the idea

I have never liked the idea of IT being baby sitters. If an employee's work habits are poor, the issue should be handled by his/her supervisor. ISTM the bottom line should be whether the employee is doing the job for which he/she has been hired.

Providing employees Internet access can be an inexpensive benefit that keeps employees happy. ISTM better to have an employee shopping online during lunch (and even answering the phone to handle business) than to encourage running errands away from the office (and frequently running a few minutes past the end of lunch time).

Web access controls are only

Web access controls are only partially about employee productivity. It's about legal liability for a hostile workplace (inappropriate content, sexual content), to block drive-by infections from the malware that is now common on websites, and to monitor for data leakage - data leaving your organization (I'd want to know if Bob the salesman was uploading 300 MB of data to his GMail account!)

AMEN! Used to work with a

AMEN! Used to work with a guy who loved to play solitaire. Until we got an Internet connection. Then it was "personal research" unless he had something urgently pressing. This was very frustrating to one of our Sales guys. A Sales guy who could talk about the latest sports issue for an hour without stopping. I never really understood why card games and surfing were so much worse than standing around jawing with someone about non-work-related issues. Heck, our Sales guy took up the time of his conversation partner, while the game/surf guy only wasted HIS OWN time.