Big IT companies usually include a private intranet and corporate proxy and all that jazz. The intranet facilities are both for security and ease of intra-office communication. Unfortunately, this type of overhead usually quite quickly becomes bloated and sub-optimal, introducing random obtrusive quirks to the daily workflow.
One such quirk is the list of banned sites. In general in the high-tech industry employee productivity cannot be micro-managed (at least, not by today’s best practices), and so employee focus on the job must be more macro-managed (goal-oriented measurements such as ‘getting the task done’ rather than ‘how many hours did you spend not slacking off’). This is a common rule by now in many jobs, but all the more so in one where you would be expected to the use the Internet constantly. However, some sites / protocols are still ‘banned’ by the corporate proxy – disallowing access from behind the corporate firewall.
Some bans are understandable, such as banning non-domain ssh protocol or other security-intrinsic loopholes. Other bans are not acceptable – those where the security is heuristic, or where the ban seems to be productivity-inclined. Two examples from real life:
- Facebook – I need Facebook for my job. A prime example is logging into StackOverflow (a programming Q&A site) with my FB account.
- Google Docs – I am stumped as to why this is blocked. Security cannot be to blame (do we fear illegal intrusions by Google spies? Is it 2084 yet?). The key here is that I use my personal knowledge-management tools (some of which are online) in my day-job, too. Many professionals would do this. I need access to this information while I work.
The above examples relate to immediate work-related needs. A more common pattern is indeed performing tasks unrelated to the job, but tasks which still need to be done and would be done fastest with said tools. If I need to message someone using FB or use a GoogleDoc to organize the list potential new apartments I am going to see that evening, let me do it.
If the site is blocked, I’ll have to find a way around it, by either using a more cumbersome tool or by surfing the site by smartphone. Blocking the site only aggravates the corporate worker (never good) and wastes their time by having to work around it.
We’ve learned not to micro-manage workers’ time; on anything not compromising the corporate information security, the company has to just trust the employee all the way on spending his time responsibly. And if he’s going to ‘slack off’, at least him get it over with quickly.