Pages

Should internet access be limited for employees?

Though I am in the process of building up my next company, this is not my first rodeo. From 1998 up until mid-2006 I—and later my partners—managed the growth of WebSurveyor up until its sale. One of the many challenges we had during that time was establishing not only a culture for our employees but also a clear set of rules governing among other things internet access.

The culture that I always wanted centered around personal responsibility. My view was to make sure people understood how important they were to the success of the business and to give them the freedom to use their computer as they saw fit to accomplish their goals. We made it pretty clear that objectionable material (a.k.a. porn) was completely forbidden and you would be fired if found accessing it from the office. If an employee wanted to pull up non-work sites that was fine as long as it didn't interfere with their job performance.

When we had under a dozen employees this was really easy. We worked in cramped offices and none of us had any real privacy, myself included. We were also struggling just to keep the business alive and everyone understood the gravity of the situation; those that didn't we got rid of as quickly as possible. Our margin for error was incredibly small.

Over time the company grew, in some cases very rapidly, and we adjusted by moving into larger office space and hiring more and more people. Once we started reeling off a string of profitable quarters the pressure changed: we went from being in survival mode into a growth and expansion phase. In addition people had considerable privacy over our old environment, even if it was just the shallow barrier created by a couple of cube walls.

It was in this environment our verbal rules needed to change. The model we went with was to create a pretty comprehensive set of policies in our employee handbook and to continually reinforce our culture in meetings and personal interactions with the staff. We still did not limit access to the internet though, so if someone wanted to pull up ESPN at lunch or chat with some friends through AIM we didn't have "electronic counter measures" in effect to prevent that.

My New Magic Trick
This did create the opportunity for abuse though. Being a "boss" meant that I suddenly had a new talent: I could walk up to some people's cube and the second I appeared their browser window would minimize. I became a human minimize button. It was actually pretty comical and in some cases I would pull a "Columbo" and walk a few feet away, then turn back and say "Just one more thing..." to see them minimize the window again. Magic I tell you.

Not everyone did this of course. The people that I respected the most would leave what they had on their monitors up, not really caring that I saw they were actually checking the standings in their fantasy football league or pricing AV equipment for their home. I assumed that those folks were taking a micro-break and besides, they were always my most productive people. They managed to blend the ability to be productive with occasional travels into personal tasks and understood when to refocus on their primary responsibilities.

As a manager we had established a usage policy based on trust and I wanted to see that trust reciprocated. What really shocked me was that this talent (my magical window minimize skill) was not limited to entry level employees. I had senior and very experienced people that had enormous responsibilities do it, in some cases folks that were very recent hires. Needless to say those were not my finest moments as a champion for personal responsibility and usually resulted in a quick "Can I see you in my office for a minute?"

I bring this up because one of the folks that used to work for me, an early employee who I liked and trusted, told me about his new employer. They are a very large company and as a result have a very restrictive internet access policy. They do not allow access to social networking sites like Facebook and Twitter and have heavily throttled/limited access to things like Gmail and certain chat sites. I'm sure this kind of systemic approach not only makes it easier for management to ensure people are working and not goofing off during the day but also to protect themselves against liability issues such as an employee ogling porn in plain view of others.

Question of the day
My question for you dear reader is this: If you work in a company that limits your internet access does it limit your ability to be productive OR if you work for a company that does not, do you abuse it? Anonymous comments are on so use an alias if you like but I would love to hear some unfiltered feedback on this kind of issue. I also think it will help some of the managers and entrepreneurs that read this blog.

43 comments:

Keleko said...

Since I work from home, I have pretty much free access to the internet. I do use a VPN for access to work system, so I try to keep anything that might be objectionable off the work VPN pipe. However, I have no problems browsing news sites or Amazon over the VPN, either. I don't believe I abuse it since I consistently get "great job" reviews. My work is based on completing assigned tasks by their assigned date, so as long as I do that it doesn't matter what else I do. Sometimes the deadlines are short, so I have very little time to do anything other than my assigned tasks. I know for a fact my managers also feel free to browse similar news sites, since we sometimes share links with one another if it looks like something we're all interested in.

It really comes down to the individual people. The larger the company the more likely you will have people that will abuse the access. It is more likely in a large company to have a strict policy that prevents all from viewing non-work sites because a few people will abuse it. So the easiest choice is to prevent it for all.

Torrey Crabtree said...

At my bank we consistently had people who just didn't have enough hours in the day to get they're work done. We also saw a lot of quickly minimized windows when walking around the building.

I implemented a web filter and blocked Myspace and Facebook, people suddenly became more productive but it is still a constant cat and mouse game as they always find some new site to waste time on.

David Alison said...

@Keleko: Thanks for the comment. This is something I thought about putting in the original blog post: my gut feeling is that people that have restricted access at work are more likely to be far less disciplined when working from home.

@Torrey: You are completely correct, it can become an extended game of cat and mouse. Something I hadn't considered is a retail bank setting where you have employees in a customer access setting (though that may not be your environment). It's one thing for a manager to come up on a person using their PC for personal time but can be really bad when customers walk up on it. I've had it happen to me before and it's not exactly confidence inspiring as a customer.

Anonymous said...

Big companies also have to be aware of corporate espionage so this may be another reason to limit access to the internet.
I know in the military there are designated intERnet computers that employees can use on lunch and breaks to search the intERnet. These intERnet computers are not connected to the defense intRAnet computers and there is no way to link the two systems. You can't even use a jump drive on the intERnet computers.

Charles said...

It's the companies internet connection and computer so they get to do what they want. However, proper use of the Internet is the same as proper use of the phone for personal calls. You can abuse anything, and the abusers are who you should target. Something to also keep in mind, Internet restrictions are less effective in the era of the iPhone.

Chris Bulow said...

I've always managed internet access pretty much along the lines you laid out i.e. personal responsibility by the employee and normal managerial oversight by their line manager (if they want to goof off, then the water cooler is also another time-waster). If the employee does his job, I have no problems with some "relax the mind" time on company time.

Having said that, we do filter for porn,gambling, non-work safe sites etc using a hardware web filter (as much to try and stave off lawsuits as anything else!) and also block non-work online email accounts. Whilst not 100% proof against a rogue employee walking off with our entire client list, it stops inadvertent cock-ups as well.

David Alison said...

@Chris Bulow: Which hardware web filter do you use? I personally would like to prohibit the lawsuit inducing sites (mainly porn and gambling) and having a service / company that stays on top of that would be pretty valuable.

The blocking of non-work online e-mail accounts is an interesting challenge, not because of the technical difficulty but because of the impact it has on the employee. I would think that it would encourage people to handle many personal tasks with their work e-mail address (examples include providing that address as the contact e-mail for their kid's school or doctor). Then they would be able to get notifications during the work day. Again it is all a compromise.

Anonymous said...

This is a great question. I haven't worked in an environment with computers and internet since 2000. The net has gotten a lot more interesting since then, almost irresistible. Given my present habits, I think I'd have a hard time controlling my internet time wastage while at work, so I would consider it a favor of management to control it for me. This is almost a requirement, the same as noisy and distracting cubicle neighbors should be disciplined and removed from the list of distractions. If it is mental work (and if computers are involved it mostly is) then the most useful momentary relief from it is not more mental activity, but a brief walk or some other physical (non-thinking) recreation.

Jeff said...

It is a difficult topic. As Chris said, people who are going to goof off will do it with or without the internet. Fifty years ago, it was the paper and co-workers; now it is the internet and co-workers.

I do my fair (probably unfair) share of surfing at work, but I do get my job done. I don't go to inappropriate sites and I don't open email from some of my friends since I don't know what may be there. I also don't watch streaming video (NCAA basketball, for instance). I do watch the occasional short YouTube clip, but that's about it.

It is hard, however, being the information junkie that I am...

Gerard said...

I'm trying to get my company to post employees' internet usage stats on a page on our intranet. We can do this because we have a large system with a big firewall and proxy server so I'm not sure about smaller environments.

We have the capability to make people "log on" to a proxy server to use the net (we don't have it turned on though). My vision is a top 10/20/x list of most minutes online by user that is viewable to anyone. And maybe a click through report to see the actual domains visited by these top users.

I don't know if "social regulation" will work but I figure it's worth a try.

DuncanM said...

It's an interesting question, I know in one business I ran most people behaved responsibly and got their work done, however the internet wasn't nearly as advanced then so I guess it could have changed.

Another area I can see problems with is games. Pre internet I had to uninstall Microsoft games like Solitaire from one guy's machine, tricky one though I had to "crash" his PC first so I could "re-install" windows he never did ask about where the games went.

With some of today's online games I can see big problems with some people, it's become an addiction.

Dan Dawson said...

The company I work for (a non-profit) has some basic filtering in place (porn, gambling) but is pretty open with everything else, and the reason is a combination of the personal accountability method and lack of technical expertise by the IP staff (one person) to monitor and manage internet traffic.

Blocking personal e-mail accounts as another poster mentioned I think might cause additional personal mail to be directed towards corporate accounts. When I work with my other employees, we often encourage them to set up Gmail accounts or similar for their personal mail to assist them in keeping their work persona separate from their personal mail. Goes a long way in reducing spam as well... if they order from online shopping sites using their work email, it never stops :-)

Downsides of this open policy is, I suspect, a pretty major reduction in speed in our local network. During the Obama inauguration the network was so congested with audio and video streams it was impossible to get any work done for those who weren't watching. If I walked around the building now I'm sure there are 5-10 audio streams for radio stations and the like flowing in to the builiding.

If we had some hardware monitoring on the network just to get anonymous statistics about the type of traffic crossing the network, I could prove or disprove my theory and decide on which actions to take from there.

Here's one of the reasons it works well to have a more open policy. I would occasionally "waste time" online checking out news and technology sites, programming sites. I learned enough they changed my job tile and responsibilities to be their programmer and webmaster. Then I started playing with Social Networking and Analytics, and now that too is a part of my official responsibilities here.

You might want to take a look at what your smart employees are paying attention to, the early adopters will quickly determine what is useful and what is not... given time, the general population follows and you could be leading the curve if those tools were helpful for your business.

Who were the first businesses on Twitter? Which ones built great networks on Facebook? Most likely it was the "rogue" employees on their wasted time who got started in those directions.

Simon said...

It's pretty common to block the personal email, IM, social websites in banking/finance institutions.

Top reasons to do this are:
1) all e-correspondence needs to be audited. A regulatory requirement.
2) There's a requirement to stop data theft. Along with disabling CD burners & USB sticks, blocking unofficial communication that could send attachments is an easy safety precaution.

Stopping 'goofing off' comes a poor third.

David Alison said...

Some great comments in here, I really appreciate the feedback.

@Gerard: I love that idea! It would likely need to be something that didn't display individual people's usage but could present an average for all to see, as well as an "abuser" (non-named) usage for sites that may not relate to a person's job. If you want to promote that you are part of a team giving folks a generalized view into what they are accessing could be a great motivator for having the team help police itself.

@Duncan: Games are indeed a big time waster. The one that I saw the most abuse with were actually the Flash based games that some sites would host. I once had a sales person that would occasionally play games while he was talking to a customer about our products. Sure, he was able to carry on a conversation with the customer but was he really focusing his attention on the call and their needs. He did not last too long.

@Dan Dawson: You bring up a really good point; social networking sites like Twitter and Facebook are now becoming a tool for people in a marketing capacity. Any policy you put in place would likely need to take that into account.

@Simon: There is a big movement towards more regulation, especially as it relates to data security. Few weeks go by that we don't hear about the theft of personal information or a credit card storage breach. Like it or not I think we'll be seeing more and more of those regulations be pushed down to more and more firms. Thanks for the comment!

Ed said...

The company that I work has gone through different trends. When, I first started it was very open... then there was a change in policy after a virus went through our system, and they locked everything down. No external email, no IM no social sites. Oddly, it wasn't long before we found ways around how they were blocking the sites. Then we got bought and all of those policies went out the window and we are back to free range... I am not sure which is better. I definitely like being able to go where I want, when I want. but I can also see the productivity argument as well.

Of course that being said I am one of the people who does not hide his firefox windows and I chuckled we reading your post because I do consider myself one of the more productive employees in our office.

Now for something completely different... I bumped into this small vector editing software and have been amazed by it. So if you haven't played with a program called DrawIt. Definitely take a look at it. http://www.bohemiancoding.com/?DrawIt

Chris Howard said...

Up front and honest, I was an abuser. Haven't worked for nearly four years, but assume I'd still be.

However, that said, it did tend to be relative to my job satisfaction. The less I was enjoying a job, the more time wasting I did. And the internet made it soooo easy.

Simon makes the best point about access to personal email (eg Gmail), the risk of data theft out that open door is very high.

I used to be in IT and was responsible for implementing web and email filtering. It was about 5 years ago, but I chose ContentKeeper for web, and MailMarshal for email.

I like Gerard's idea of posting time wastage for all to see, but I reckon it should show the cost as well, E.g. This month, across our 50 employees, the company saw 2250 hours of access to clearly definable non-work related internet sites. On average, that equates to $45,000 lost productivity. BTW Xmas bonuses may be down this year.

When I was a manager myself, I was all for personal responsibility, as I believe that gets the best out of staff. So I wouldn't question my staff's internet usage (provided it wasn't potentially offensive) and provided they got their job done.

But this has a serious flaw. You run the risk of people only getting their job done. So they can end up doing the minimum. I know I was guilty of that.

So instead of an employee saying "Boss, I've finished all my work for the day, have you got anything I can do?" or some such, they kill their free time on the internet.

(As someone else said, time wasting has been going on for years, and this situation would also have been; however, the internet makes it so much easier and less obvious.)

This has a further problem when you're looking at staffing and workloads, and assuming your staff are fully employed.

Studies have consistently shown that employees waste too much time on the internet, some even showing up to two hours per day.

My own opinion is, based on myself and what I saw both walking around and looking at the logs, lock it down as much as possible.

(In an amazing and amusing irony, my word verification is "logratr". How appropriate!)

William said...

Over at TechDirt[dot}com, they touch on this topic from time to time. As Charles points out, the use of the internet is just like phone use. In the past only certain employees were allow to have phones on their desks. Who is to say that an employee is not using the internet to improve their productivity and job performance just as an older salesman uses a phone to improve his productivity. TechDirt points out that a New York judge ruled a state employee cannot be fired for using the internet.

Anonymous said...

I work for the Police and internet access is heavily restricted and monitored. Policy allows for 1 hour of access per week. Because of this, I use my own laptop (off the network) and a 3G modem. I don't mind anyone seeing what I'm doing as it's almost always work related. Instant Messaging also allows for collaboration in my social network.

This Is Ours said...

I think we all need to recognize that the people we employ, are human beings. With all the faults and flaws that go with that.

We have a written internet usage policy at my workplace. But no countermeasures that would stop us from visiting any one site.

Do I use our work internet for work unrelated stuff ? Sure, I'm writing here. That's completely unrelated to my work.

I think the trick is in actively making the trust a two way street.

And respecting that people are just that, people. There will always be the need to do personal stuff during work hours. Life as we know it, does not stop just because we show up at work.

In Denmark it's generally accepted (at least in the companies I've been in), that if you need to take care of personal stuff, you do that, within reasonable limits.

However, I did read an article written by the manager of SoftScan, who had the following strategy:

He recognized that there's no such thing as 100% efficiency. People have a tendency to stray from whatever they do at work.

So instead of working against that, he worked with it - every hour each employee had 15 minutes they COULD use for personal stuff, IF they had the need at that time.

On the other hand, it was expected that at least for the other 45 minutes, they would stay focused on their work.

This doesn't have to be 15 minutes. It could be 10, it would still be reasonable.

But the trick is in accepting and acknowledging that "yes, you're a human being, not a robot, and I'm willing to work with you, if you're willing to focus for me".

Scientific studies have also shown that a good employee has around 80% effectiveness in a work day. If you're really good, or really focused, I guess you could hit 90%+.

I personally evaluate on performance. Does the person reach whatever goals are set out for them ? If they don't, it's still not sure that "slacking" is the cause. There can be many causes for that.

So basic point: We're all people. I think you'll only make people resist and make them more counterproductive, or downright disloyal, if you start limiting without them having shown you a reason for distrust.

Luca said...

I work for 4 different multinational corporate divisions, and all of them feature a proxy filter, more often badly configured btw (it allows surfin' thro' some porn sites that shouldn't and they lock you out of some google groups for development.... :-(
I think my work performance was way more solid when I couldn't access the internet. But maybe the true reason was youth and will to grow. Anyway, nowadays I surf the internet every now and then in a non-busy day, but I stumble across the same 4-5 sites to read and study technical documentation, other than my personal or company mail.
I believe the right way is to everyone get responsabilized in what they do and where they work. When there was not the Internet, there were a lot of coffee breaks or cigarette breaks or phone calls.

Jan said...

I spend hours on the internet at work every day. Some days, I don't get a lot done until 3 or 4 in the afternoon. The thing that gets me off the hook is that I often work until 11 or 12 or 1 or 2am if I have to.

I'm a programmer, aside from the usual sort of thing where I have a lot of downtime due to compiling, I also need a fair amount of uninterrupted time to get into the groove, and the typical workday is filled with distractions. If you plotted my productivity against the number of people currently still at the office, you'd see that there's a strong inverse correlation. 3 or 4pm usually sees a bit of a pick-up in productivity because the morning meetings are done, everyone is back from lunch, and people are a bit quieter. 5pm rolls around and people start leaving for the day. At around 7 or 8pm most of the other programmers have left or are leaving. Here's where I hit my stride and can really get some work done.

Ultimately, I hate this way of working. I'd much rather be able to work well during the day and leave early because I do my best relaxing starting around 5pm, too. If I didn't have the internet to amuse me, I wouldn't be any more productive, I'd just be unproductive some other way.

In the end, it's the results that matter. I'm salaried, so how many hours I spend at my desk is irrelevant as long as my work is done when I say it's going to be and my boss and internal clients are happy. That's what I strive for, not some idealized day where the hours from 8-5 are steadily productive. Again, I'd love it if that were the case, but I just haven't had any luck making that happen.

If I had my own office, I think things might be a bit different. I know that in the past when I've had an office to myself for a week at a time or so, I was always much more productive. Even when people came to interrupt me to ask questions, it was much faster to get back to my tasks.

Chris Howard said...

Luca said "When there was not the Internet, there were a lot of coffee breaks or cigarette breaks or phone calls."

I agree totally with Luca on that point but it does raise an issue of concern.

The problem we must watch for is that people get proper breaks from their computers. Coffee, cigarettes, and even phone calls provided those regular breaks. What do the experts say? I think it's take 5 mins off the computer every hour.

We must be careful not to let our breaks from work be still on the computer.

Anonymous said...

Jonathan

Take a look at OpenDNS. You can select what sites to filter (by category or by individual site), and it's free.

And to answer your question, it's safe and wise to at least block access to sites containing malware and objectionable material.

Anonymous said...

It is important to have a formal Acceptable Use Policy that every employee agrees to and signs as a condition of employment. The employer need not be zealous in their enforcement, but should a problem arise, the policy is a legal defense.

That policy should also spell out what expectations of privacy employees have on company owned computers, servers, and networks. Again, it covers you if there is a problem. Let employees know that their activity may be monitored and recorded, and that will stop the worst of it.

Many colleges have their Policies on their websites; that would be a good place to start in developing yours .

In conclusion, IANAL, you may want to consult with someone who is.

David Alison said...

@Anon: Excellent advice; having written policies in place makes it much, much easier. Lots of resources for that as well as different rules based on your location. Even if you overlook the legal benefits of having it written down, it's a great management tool.

Anonymous said...

I work in a company that does minimal filtering - using Bluecoat proxy I believe. They have a blacklist that gets updated - and occasionally you'll hit a site that is blocked - but for the most part we are wide open.

Again an issue of personal responsibility. However - we throw a few things into the mix.

1. We have a VERY rigorous selection process - so we select for users that have high responsibility, ownership etc. Even if the occasional one slips through (and they do) they are generally surrounded by coworkers who keep them in line.

2. We administer internal communications audits twice a year - where you rate your coworkers on their responsiveness, ability to compromise etc. Not a 360 but a simple 10 or 12 questions on a 5 pt scale that gets to the real work issues. Those scores are looked at closely, and compensation is tied to it. Missing a couple of bonus checks because of a bad score can fix you right up.

3. We compensate our employees on their productivity. You get a small base and X dollars for each page you type etc. It's not an easy system to figure out - but once its in place you get 2 side effects - a) people work harder and don't really want you to hire additional help - they'll take the extra work and $$ and b) If you don't work, you don't get paid - so you don't waste a lot of time on facebook etc.

BTW - this also guards us against layoffs etc. Because we are all sharing the pain in a slow economy - and feeling the boost of fat times.

Do I see my CIO or other colleagues on Facebook at times? Sure - but when a deadline is hitting - I promise you - few people are sniping bids on eBay. Those that are, self identify - and justice always seems to get done :)

Mike K said...

I believe in a small business situation like you had at websurveyor it comes down to common sense for the employee. The employee knows which websites are acceptable and which ones are inappropriate. And if they don’t they are probably not an employee you want to keep around. As for blocking sites like Facebook, Myspace, Twitter or Linkedin, which would be considered time wasters for some, they’re excellent ways for networking/business development for others. I typically have Linkedin and Facebook on for most of the day and will use both of them to try and connect with new business opportunities for my company. Again common sense. I’m not posting pics and tagging friends that were at the super bowl party, I’m using these sites as a tool to develop business.

David Alison said...

@Mike K: Clearly the size of the company has an impact, as well as the state/country you operate in. From a pure liability standpoint (as one of the Anon's posts above points out) it's a really good idea to have whatever policy you want to enforce written down and signed off by the employees. When we were 10 people we only did basic NDAs, as the business became larger and profitable the amount of paperwork became larger and larger. By the time we broke 30 or so employees we had a really good system in place that spelled it out. This is critical in the defense of the business if an employee—in clear violation of the stated policy—decides to watch a porn flick at work and offends a fellow employee. If there is no policy in place you open the door for a lawsuit, even if the company is clearly not at fault.

My experience has been that it's better to pay the lawyers up front to help build or review reasonable policies than it is to pay them to defend you in court.

Legal issues aside, my real focus—and the reason for this blog post—was to open a discussion on how internet access impacts personal productivity.

Thanks for the comment Mike, I really appreciate the responses we've been getting in here; hopefully it builds up some background for managers trying to understand the issue.

MaxPug said...

I work for a not for profit organization in Northern Virginia. We use a Squid proxy server to block internet radio, porn, gambling, and streaming video sites to include go.com for ABC news, gaming sites (File Planet) and many more. I am the e-mail administrator for over 10,000 plus e-mail users. You would not believe what people will surf for on the web and things they send via e-mail. We do not block major e-mail website like GMAIL, Hotmail, Yahoo, and local ISP’s, so my question is use them. I have seen more people lose their jobs over sending things via e-mail then I care to know. I have recovered more e-mail for HR and legal for review. It has wasted more time recovering that e-mail then I care to think about because people cannot come to work and do their job. I need to send this funny video or funny pictures or picture of my family and then ask “Why is my mailbox over the limit”.
This is my opinion when you get into larger IT environment there are people who will abuse what they have access to. We even had a person call in a ticket to the help desk because they could not get to a porn site. At a remote location we had a person bring in their personal modem hook to a desk and connect to their ISP so they could surf the web. This was after hours of course since we are a 24 hour shop.
There are bad apples in every basket and the tools where invented for the abusers but they also help keep everyone in line.

Anonymous said...

I used to supervise approx. 15 people who had internet access with no limits or blocks.

My verdict is that personal responsibility only works for some people. Others would be very productive but would take that as an excuse to surf for the rest of the day (trying to hide it from me). No one abused to look at porn although some gentlemen would check date sites.

One very responsible lady would clock out to surf for personal reasons - that is very honest!

Csaba Szücs said...

I work at a company, where internet access is limited. Gmail and others are all prohibited. I believe that is good in that way. I also think that blocking IM, which can be used for external communication is also good - well, at least at our company.I have no problem with those ones. Issues arise when I cannot access certain sites, which could help me to do a better work.In the beginning I went to the IT guys and asked for the access but later on I was tired to explain why I need that certain site.Sometimes the company is the culprit if the employees use the internet. For example, I use online dictionaries because the one, which was installed to every PC is useless.

I am working as an internal communicator. When I got the job I didn't have a clue about what the job meant really. If you are interested here is the whole story: http://behindthefence.wordpress.com/2008/12/30/tale/

But back to the topic. So when I started to work there I used the net to educate myself related to internal communications. Best practices and so on. You think that I could do that in my spare time. But actually the situation was that in the beginning I didn't have so many tasks. Later on as I improved my skills and knew more about the subject I discovered the work for myself.Now, I do not have boring hours...

To sum it up: internet access should be limited until a certain point. Depending of the job you have to do some exception regarding the access of certain sites. For example, I do some kind of online press monitoring also at the company nowadays and I need some news sites for that purpose.

Finally, a short (true) story: once I went to the IT manager and said that I need to access to a certain site, which was blocked. He asked me what would I need that for? I replied "Well, it is the global site of our company..." He didn't pose more questions...

Nick said...

Wow. This really is not a difficult topic.

The Internet is a tool. It may be used for many useful purposes and it may also be abused to the detriment of your company.

By choosing a one-size-fits-all approach to the problem, you either open your company up to potential abuses (as stated above by other commenters), or you insult the employees that know how to obey the rules and balance their work and personal time. You pay a price either way.

Or, you use a hybrid model and restrict connectivity on a case-by-case basis. Trust all employees initially. If you need to restrict certain individuals based upon previous incidents, restrict them personally without punishing the entire team.

This Is Ours said...

@Nick: Problem is, that takes a lot of micromanagement.

I think it's actually scary how people are looking for control, instead of self-management - which would be the obvious and productive way.

Anyway - I choose to trust that people to what they need to do. I don't mind people surfing personal sites, as long as they generally reach the goals set out for them personally, the department, and the business.

I see the internet as a tool. I *constantly* Google stuff. I network with other professionals. Or people in other fields for that matter.

And while not directly beneficial to the company, it keeps me as a professional and human being, in the loop. Which in turn IS beneficial to the company.

I'm currently looking into building a business case for my workplace, for using Enterprise Social Networking and knowledge tools such as wiki's, on an enterprise level.

What I'm using to gather information ?

Google. Social networks. Communities.

Is it part of my job description ? Partly. I'm the primary responsible for messaging and collaboration. Enterprise social networking and knowledge management are not a direct area of responsibility for me.

But I'm driven by my interest for it. And my firm gut feeling that the place I work would benefit MASSIVELY from using those platforms.

And in the end, when (I'm not saying if, I really mean when) my business benefits from me having strayed from the immediate path - the company will benefit directly from that.

If you kill personal innovation, creativity and initiative, you get far less from your business and employees, than you could.

Christine-Megan said...

I'm an RN that works nights. My hospital does not limit our internet use. I've had nights where I haven't sat down for my entire 12.5 hour shift, and nights where my patients fall asleep early on and have no real needs all night while I'm out at the desk reading novels and playing on Facebook. If my responsibilities are taken care of, why shouldn't I? And I MORE than make up for the easy nights other nights.

David said...

Hey David,

I get to see this sort of thing all the time. We run our own IT company and manage several sites, some where there is restriction to the Net and others where there isn´t.

I´ve also been involved in processes going both ways.... ie. clamping down an open network and opening another up.

The biggest issue I see is one of **trust**. It´s a powerful statement to employees when measures like this are in place and that statement is generally taken as ¨The Boss doesn´t trust you¨

Time-wasting employees will find another way to skive off if not on the internet and so the issue is more one of the heart than of technology.

I believe that the mature/professional (and most awkward) stance is to confront the time waster and talk it through. Unfortunately the most common stance is to filter and monitor, usually in a subversive manner, and snap them when they break the rules.

It´s a fine line to walk between rights and responsibility (especially in the area of inappropriate content).

Food for thought!!

David Czepanski.

Kevin said...

I work for a large firm and feel that the best policy is to block what you can get into legal trouble with. I for one can't stand signing written policies, clicking on EULAs, filling out conflict of interest surveys every month and all the other things that send a strong message that the company is relying on the employee for legal compliance. Consult your lawyers and implement a system to enforce what is required. Don't require your workers to be experts in the law.

Anonymous said...

Employee time abuse isn't something new with internet connectivity but it does make an easy means for those that choose to wast time. The job that I liked the least had a very restrictive internet policy with technological enforcement as you describe. I wouldn't have been any more or any less productive regardless of policy or access. It is the company, culture and management that inspired myself to be more productive with time, or in the case I described not as productive. So for me I don't see the internet as the cause for time wasting but with it's ease of access it could prove too tempting for some.

mike from iowa said...

I have the pleasure to work for a Fortune 100 company that has had an evolving internet usage policy for the last 3.5 years. When I started with the company we had no internet access, we were only allowed to use our computers to use proprietary software and our corporate email, even the public company website was blocked! Now we have the ability to surf most sites (obviously Pron and Gambling are blocked) but ALL email is blocked except for corporate email. In my job I am much more productive with internet access because often times the internet is the only place to find information required to answer customer questions. Email blocking is fine with me, as I have a blackberry for personal email and web access. Now, if they would only restore our ability to manage fantasy football teams I would be really productive on my Sunday shifts....

DeViLbOi said...

A lot of people have brought up a lot of different points of view on this story so mine sure isn't going to be anything new. I work for a company that is 40K employees large. Until recently we had a very restrictive internet policy in which you couldn't get to MySpace, Facebook, eBay, GMail, Hotmail, etc. HR found out about it and lifted a large number of these restrictions. However, even though I can now get to these sites I still dont' go to them because I don't believe they have a place in the workplace. We still block the majors though; porn, gambling, email hosting, audio/video streaming, day trader and online gaming without any complaints.

My one major complaint about our system is that it is not uniform. For example, currently I can get to Photobucket without an issue but ImageShack is blocked as a photo upload site. Currently I can get to all of the Digg mirror sites but TinyURL is blocked as a connection proxy.

I noticed that many of the comments mentioned publishing Internet usage statistics. We did have this in place a few years back but it was removed as a possible legal issue with pointint fingers at certain employees. If you do go this route I would recommend some way of displaying the information to the employee with like a ranking number and the bandwith usage. Another system we had used tracked how many hits we were giving individual websites. It was interesting information but in the end it was found to provide no value. (ie Knowing that a certain bank gets 20K hits a day just doesn't help.)

Isaac said...

Before tackling the Internet access issue, managers need to ask why is it that some employees have so much free time on their hand? Why is it that their employee's time and resources are not being utilized? Why is it that an employee does not utilize his/her own free time to advance their career or browse the Internet on subjects related to their education and career? And why is it that some employees think they could get away with browsing the Internet?

When I am very busy at work I rarely browse the Internet, but if my schedule is light I browse the Internet more often.
I ask myself did I just successfully complete an intense project so I could take it easy for now OR am I in the middle of an intense project and don't have a minute to waste.

With or without the Internet slackers will find ways to slack off. Just give Internet abusers tighter and more frequent deadlines, make them more accountable, and throw the whole agile process at them and watch their usage drop substantially. Really, I think it is as simple as that because it always worked for me that way.

Plus how far we want to go? Should we also cut off all personal cell phones? Monitor game usage and see what they are typing in a word processor?

Many may disagree but I think it is OK to allow an employee to use the Internet to take care of a personal task during their lunch time. It may save an employee a lot of time and headache which will help them proceed through the day better.

Having said all that I need to mention that Internet usage could be disruptive to the group as a whole. On two occasions while working in well established companies I noticed that some people browse porn sites at work. What was demoralizing is that while I was working so hard to meet tight deadlines, others seemed privileged to browse the net so irresponsibly. I never dared to hit a porn site at work. (The last Internet company I worked for allowed programmers to access any site since we often did view source, crawled web pages, etc. on external sites)
Anyway, I still think the Internet is just a symptom and not the root cause. With better project management and employee motivation the issue could be almost entirely eliminated.

I wrote this from an employee's perspective as I should mention that I don't have a lot of proven management experience.

Anonymous said...

S in Houston

I work for a Fortune 500 Company, Oil and Gas Services. The company uses Websense to block sites like Facebook, Porn, Gambing etc. They also filter for certain words so legitimate sites also get blocked.

They make every responsible for what they look at and everything is recorded and can be used when needed. For example, it's slow now and people are being retrenched. For sure they are looking at heavy users of non work related sites and making this info aware to Supervisors and Managers.

That being said, walk around the cubes and any given time and I see people on the internet all the time. For some reason, Ebay and Facebook are not blocked, so I guess some of the VP's and etc. use them.

Myself, I check email and the news in my own time, usually limited to no more than 30 minutes per day.

MacViolinist said...

I think the economy-of-scale question posited here isn't whether or not you need to be limiting internet access as the business grows. I think it boils down to how effectively large businesses make smart hiring decisions.

I'm one of those ultra-productive types. At my last company, we had moderately limited access: facebook and youtube were blocked; personal email was not.

I will admit that I set up a couple of my home machines up for co-workers to log into to get access to the blocked sites . . . for a small fee.

You can read that how you will. It gave me a competitive advantage because my buddies were paying me for the privilege of wasting company time while I was being productive.

And it would've worked out beautifully except that I accepted a rather fast promotion. I lost seniority when I took that and was one of the first to get laid off when the economy tanked last fall.

But to my point: good, effective employees will be good and effective no matter what freedoms they are given. People who aren't so committed won't be good no matter how restricted they are.

I'll also freely admit to sometimes taking 45-minute smoke breaks, but I wasn't really on break. I was on the phone with clients, on the blackberry getting work done, having impromptu meetings with various people in the company trying to get stuff done.

I see limiting access as a band-aid that punishes responsible employees and allows poor employees less rope to hang themselves with. As a manager, I would want to have the ability to look at someone's web stats and say quite simply, "You violated the agreement."

I will also mention that I was on the pilot team that tested work-from-home setups. My productivity didn't drop (until I was laid off), in fact, it increased.

It was easier and more convenient for me to get to work earlier and stay later. Because I was at home. All I had to do was wake up, open the laptop, and I'm at work.

So to me, the question is more about how you go about finding those people. It's awfully hard to tell what kind of an employee a person is from a resume.

La said...

I abuse it, like what I'm doing now. I'm not as productive either, but I'm less stressed now.

I used to work for a company that had NO internet access, just intranet. I was very productive, but I was too stressed, I eventually moved on.

Btw, my boss also caught me "minimizing" the other day. It was very embarrassing for me, and she give me the... lecture. So now I have devised quick techniques to throw her off. Sorry I can't tell you, you're the enemy :)