are these really 10 things enterprises should ban?

An article posted by eWeek titled, “10 Disruptive Online Services Enterprises Should Ban From the Network”, is just ripe for looking at. And I’m not even going to start at the overly blatant buzzword forced into that title.

0. Just to start out, I dislike when “security” and “productivity” get thrown into the same discussion, especially in front of the IT folks. Security is an IT concern (and everyone’s if you want to get picky), but productivity is a managerial (and corporate/HR) concern. Not an IT one. So we’re already muddying the waters on this topic.

00. Oh, and I should also mention that more than likely many years ago, the phone was probably considered a time waster as well. How dare people have the chance to make personal phone calls during work time! For shame.

1. YouTube – I agree that YouTube is a time-waster. And one can also make the case for it being a bandwidth drain. But keeping employees away from YouTube can be a bit of a forced disconnect with the rest of the world. Need to check out a song quickly and easily? YouTube. Need to check out a commercial or ad from the past? YouTube. Need to network with clients and their userbase? Need to watch a vendor video on how to implement a new appliance? Conference talk you missed on physical security? YouTube is a remarkable site with a multitude of personal and professional uses for almost every employee at some point during their tenure.

2. Facebook – Again, I’ll agree there are people who waste way too much time on this site. But, I’d say there are plenty of people who do network via Facebook, even so much as researching potential clients or contacts. Yes, this is still the realm of marketing and sales (and maybe anyone who touches clients/customers), but it’s really silly when a company has a marketing team with a Facebook presence, but does not allow employee access to Facebook. I mean, really? Do you *really* value it, in that case? Would it not be helpful to have “free” Likes from your employees (without begging for it, of course)? I’d agree, though, that many people don’t really have any work reason to be on Facebook other than personal reasons.

000. Back in the day, network admins got serious about security and started putting up firewalls. Eventually, enlightened users started tunneling the services they wanted. Later on, IT and HR) started blocking personal sites as time wasters. So employees worked around it by riding the mobile and particularly cell device wave. There’s a lesson in there…

3. Twitter – Twitter is not for everyone, but I find more work-related value in Twitter than personal. There have been numerous times that I’ve heard about a breach or new 0-day or patch via the masses on Twitter. There have been times I’ve been really early in explaining some outage because the vendor/site/service had a Twitter feed I could check. This takes some personal energy to make it useful in a work sense, but it’s ridiculous to block it these days.

4. Social gaming sites – No argument here on this one. 🙂 Why might a company not block these? Maybe because it costs money to block sites; costs time to administrate it; and the chosen vendor may not be all that great at blocking them all. There are technology reasons for lack of coverage. Just sayin’.

5. Adult-oriented sites – Duh! 🙂

6. Vine social video-sharing site – I admit. My first reaction: “Vine what?” So I can’t really say why this is good or bad, but the article didn’t even begin to convince me this is bad.

7. Any shopping site with poor security and a worse reputation – What? No really, what? This paragraph doesn’t make sense. Anyway…this is still pretty dumb. No IT or security person wants to play ethics cop on sites, and then argue with users about it when they can’t buy whatever just because the site looks like it was made in 1997. This is why we rely on categories and the people/algorithms behind the scenes at the vendors to make these decisions. And even then, unless a site has a clearly detailed infraction, a user won’t understand the block and will raise a stink. It’s just not worth the time, usually. (I’m sad the author didn’t tap into the benefit of IT helping keep employees safe by not allowing them to put their personal financial data at risk with known bad sites, but whatever. It’s a feel-good bit of theater to present it that way.)

8. Pandora – We can again take the bandwidth angle here, but if you, as a company, want to take the stance of being anti-Pandora, you’re really taking the stance of being anti-streaming music. And good luck blocking them all. The benefit of employees being able to just listen to what they want and do their work is probably worth it. I mean, how many employees spend *that* much time curating their music libraries?

9. Security software sites – This bullet point pretty much tells me the author has not ever been a security or IT admin, or even desktop support for a decent company. The answer to this is not to chase down and block sites, but to restrict access on the endpoint system. And for those who do desktop support, it would really suck to have some big issues that needs cleaning while sitting at the user system, and not be able to get to a site for information or tools or updates. For users who are admins, this is where we talk about software inventory, policy, and auditing.

10. Anonymizer web tools – This item does have merit. But at some point we’re talking about wasting some poor admin’s time chasing down these tools, rather than having managers do their job with managing employees and their productivity. Or auditing surfing habits and enforcing computer usage policies. And to block “online instructions?” You mean scour forums and block any that offer any proxy/VPN solutions to the common question of how to bypass work filters? If a web filter has this as a category, it probably can be turned on, but more than likely you want a web filter that inspects the data flows and drops unknown protocols/tunnels. Nonetheless, if an employee is actively making this sort of effort to bypass policies, that should be more than enough to involve HR/management.

0000. No Skype? No IM? No Dropbox? No Gmail? No gun sites? No hate sites? No known malware sites? What the fuck, man? That’s not even WTF, that’s “What the fuck?”