Should internet access be limited for employees?
Though I am in the process of building up my next company, this is not my first rodeo. From 1998 up until mid-2006 I—and later my partners—managed the growth of WebSurveyor up until its sale. One of the many challenges we had during that time was establishing not only a culture for our employees but also a clear set of rules governing among other things internet access.
The culture that I always wanted centered around personal responsibility. My view was to make sure people understood how important they were to the success of the business and to give them the freedom to use their computer as they saw fit to accomplish their goals. We made it pretty clear that objectionable material (a.k.a. porn) was completely forbidden and you would be fired if found accessing it from the office. If an employee wanted to pull up non-work sites that was fine as long as it didn't interfere with their job performance.
When we had under a dozen employees this was really easy. We worked in cramped offices and none of us had any real privacy, myself included. We were also struggling just to keep the business alive and everyone understood the gravity of the situation; those that didn't we got rid of as quickly as possible. Our margin for error was incredibly small.
Over time the company grew, in some cases very rapidly, and we adjusted by moving into larger office space and hiring more and more people. Once we started reeling off a string of profitable quarters the pressure changed: we went from being in survival mode into a growth and expansion phase. In addition people had considerable privacy over our old environment, even if it was just the shallow barrier created by a couple of cube walls.
It was in this environment our verbal rules needed to change. The model we went with was to create a pretty comprehensive set of policies in our employee handbook and to continually reinforce our culture in meetings and personal interactions with the staff. We still did not limit access to the internet though, so if someone wanted to pull up ESPN at lunch or chat with some friends through AIM we didn't have "electronic counter measures" in effect to prevent that.
My New Magic Trick
This did create the opportunity for abuse though. Being a "boss" meant that I suddenly had a new talent: I could walk up to some people's cube and the second I appeared their browser window would minimize. I became a human minimize button. It was actually pretty comical and in some cases I would pull a "Columbo" and walk a few feet away, then turn back and say "Just one more thing..." to see them minimize the window again. Magic I tell you.
Not everyone did this of course. The people that I respected the most would leave what they had on their monitors up, not really caring that I saw they were actually checking the standings in their fantasy football league or pricing AV equipment for their home. I assumed that those folks were taking a micro-break and besides, they were always my most productive people. They managed to blend the ability to be productive with occasional travels into personal tasks and understood when to refocus on their primary responsibilities.
As a manager we had established a usage policy based on trust and I wanted to see that trust reciprocated. What really shocked me was that this talent (my magical window minimize skill) was not limited to entry level employees. I had senior and very experienced people that had enormous responsibilities do it, in some cases folks that were very recent hires. Needless to say those were not my finest moments as a champion for personal responsibility and usually resulted in a quick "Can I see you in my office for a minute?"
I bring this up because one of the folks that used to work for me, an early employee who I liked and trusted, told me about his new employer. They are a very large company and as a result have a very restrictive internet access policy. They do not allow access to social networking sites like Facebook and Twitter and have heavily throttled/limited access to things like Gmail and certain chat sites. I'm sure this kind of systemic approach not only makes it easier for management to ensure people are working and not goofing off during the day but also to protect themselves against liability issues such as an employee ogling porn in plain view of others.
Question of the day
My question for you dear reader is this: If you work in a company that limits your internet access does it limit your ability to be productive OR if you work for a company that does not, do you abuse it? Anonymous comments are on so use an alias if you like but I would love to hear some unfiltered feedback on this kind of issue. I also think it will help some of the managers and entrepreneurs that read this blog.
The culture that I always wanted centered around personal responsibility. My view was to make sure people understood how important they were to the success of the business and to give them the freedom to use their computer as they saw fit to accomplish their goals. We made it pretty clear that objectionable material (a.k.a. porn) was completely forbidden and you would be fired if found accessing it from the office. If an employee wanted to pull up non-work sites that was fine as long as it didn't interfere with their job performance.
When we had under a dozen employees this was really easy. We worked in cramped offices and none of us had any real privacy, myself included. We were also struggling just to keep the business alive and everyone understood the gravity of the situation; those that didn't we got rid of as quickly as possible. Our margin for error was incredibly small.
Over time the company grew, in some cases very rapidly, and we adjusted by moving into larger office space and hiring more and more people. Once we started reeling off a string of profitable quarters the pressure changed: we went from being in survival mode into a growth and expansion phase. In addition people had considerable privacy over our old environment, even if it was just the shallow barrier created by a couple of cube walls.
It was in this environment our verbal rules needed to change. The model we went with was to create a pretty comprehensive set of policies in our employee handbook and to continually reinforce our culture in meetings and personal interactions with the staff. We still did not limit access to the internet though, so if someone wanted to pull up ESPN at lunch or chat with some friends through AIM we didn't have "electronic counter measures" in effect to prevent that.
My New Magic Trick
This did create the opportunity for abuse though. Being a "boss" meant that I suddenly had a new talent: I could walk up to some people's cube and the second I appeared their browser window would minimize. I became a human minimize button. It was actually pretty comical and in some cases I would pull a "Columbo" and walk a few feet away, then turn back and say "Just one more thing..." to see them minimize the window again. Magic I tell you.
Not everyone did this of course. The people that I respected the most would leave what they had on their monitors up, not really caring that I saw they were actually checking the standings in their fantasy football league or pricing AV equipment for their home. I assumed that those folks were taking a micro-break and besides, they were always my most productive people. They managed to blend the ability to be productive with occasional travels into personal tasks and understood when to refocus on their primary responsibilities.
As a manager we had established a usage policy based on trust and I wanted to see that trust reciprocated. What really shocked me was that this talent (my magical window minimize skill) was not limited to entry level employees. I had senior and very experienced people that had enormous responsibilities do it, in some cases folks that were very recent hires. Needless to say those were not my finest moments as a champion for personal responsibility and usually resulted in a quick "Can I see you in my office for a minute?"
I bring this up because one of the folks that used to work for me, an early employee who I liked and trusted, told me about his new employer. They are a very large company and as a result have a very restrictive internet access policy. They do not allow access to social networking sites like Facebook and Twitter and have heavily throttled/limited access to things like Gmail and certain chat sites. I'm sure this kind of systemic approach not only makes it easier for management to ensure people are working and not goofing off during the day but also to protect themselves against liability issues such as an employee ogling porn in plain view of others.
Question of the day
My question for you dear reader is this: If you work in a company that limits your internet access does it limit your ability to be productive OR if you work for a company that does not, do you abuse it? Anonymous comments are on so use an alias if you like but I would love to hear some unfiltered feedback on this kind of issue. I also think it will help some of the managers and entrepreneurs that read this blog.
Comments
It really comes down to the individual people. The larger the company the more likely you will have people that will abuse the access. It is more likely in a large company to have a strict policy that prevents all from viewing non-work sites because a few people will abuse it. So the easiest choice is to prevent it for all.
I implemented a web filter and blocked Myspace and Facebook, people suddenly became more productive but it is still a constant cat and mouse game as they always find some new site to waste time on.
@Torrey: You are completely correct, it can become an extended game of cat and mouse. Something I hadn't considered is a retail bank setting where you have employees in a customer access setting (though that may not be your environment). It's one thing for a manager to come up on a person using their PC for personal time but can be really bad when customers walk up on it. I've had it happen to me before and it's not exactly confidence inspiring as a customer.
I know in the military there are designated intERnet computers that employees can use on lunch and breaks to search the intERnet. These intERnet computers are not connected to the defense intRAnet computers and there is no way to link the two systems. You can't even use a jump drive on the intERnet computers.
Having said that, we do filter for porn,gambling, non-work safe sites etc using a hardware web filter (as much to try and stave off lawsuits as anything else!) and also block non-work online email accounts. Whilst not 100% proof against a rogue employee walking off with our entire client list, it stops inadvertent cock-ups as well.
The blocking of non-work online e-mail accounts is an interesting challenge, not because of the technical difficulty but because of the impact it has on the employee. I would think that it would encourage people to handle many personal tasks with their work e-mail address (examples include providing that address as the contact e-mail for their kid's school or doctor). Then they would be able to get notifications during the work day. Again it is all a compromise.
I do my fair (probably unfair) share of surfing at work, but I do get my job done. I don't go to inappropriate sites and I don't open email from some of my friends since I don't know what may be there. I also don't watch streaming video (NCAA basketball, for instance). I do watch the occasional short YouTube clip, but that's about it.
It is hard, however, being the information junkie that I am...
We have the capability to make people "log on" to a proxy server to use the net (we don't have it turned on though). My vision is a top 10/20/x list of most minutes online by user that is viewable to anyone. And maybe a click through report to see the actual domains visited by these top users.
I don't know if "social regulation" will work but I figure it's worth a try.
Another area I can see problems with is games. Pre internet I had to uninstall Microsoft games like Solitaire from one guy's machine, tricky one though I had to "crash" his PC first so I could "re-install" windows he never did ask about where the games went.
With some of today's online games I can see big problems with some people, it's become an addiction.
Blocking personal e-mail accounts as another poster mentioned I think might cause additional personal mail to be directed towards corporate accounts. When I work with my other employees, we often encourage them to set up Gmail accounts or similar for their personal mail to assist them in keeping their work persona separate from their personal mail. Goes a long way in reducing spam as well... if they order from online shopping sites using their work email, it never stops :-)
Downsides of this open policy is, I suspect, a pretty major reduction in speed in our local network. During the Obama inauguration the network was so congested with audio and video streams it was impossible to get any work done for those who weren't watching. If I walked around the building now I'm sure there are 5-10 audio streams for radio stations and the like flowing in to the builiding.
If we had some hardware monitoring on the network just to get anonymous statistics about the type of traffic crossing the network, I could prove or disprove my theory and decide on which actions to take from there.
Here's one of the reasons it works well to have a more open policy. I would occasionally "waste time" online checking out news and technology sites, programming sites. I learned enough they changed my job tile and responsibilities to be their programmer and webmaster. Then I started playing with Social Networking and Analytics, and now that too is a part of my official responsibilities here.
You might want to take a look at what your smart employees are paying attention to, the early adopters will quickly determine what is useful and what is not... given time, the general population follows and you could be leading the curve if those tools were helpful for your business.
Who were the first businesses on Twitter? Which ones built great networks on Facebook? Most likely it was the "rogue" employees on their wasted time who got started in those directions.
Top reasons to do this are:
1) all e-correspondence needs to be audited. A regulatory requirement.
2) There's a requirement to stop data theft. Along with disabling CD burners & USB sticks, blocking unofficial communication that could send attachments is an easy safety precaution.
Stopping 'goofing off' comes a poor third.
@Gerard: I love that idea! It would likely need to be something that didn't display individual people's usage but could present an average for all to see, as well as an "abuser" (non-named) usage for sites that may not relate to a person's job. If you want to promote that you are part of a team giving folks a generalized view into what they are accessing could be a great motivator for having the team help police itself.
@Duncan: Games are indeed a big time waster. The one that I saw the most abuse with were actually the Flash based games that some sites would host. I once had a sales person that would occasionally play games while he was talking to a customer about our products. Sure, he was able to carry on a conversation with the customer but was he really focusing his attention on the call and their needs. He did not last too long.
@Dan Dawson: You bring up a really good point; social networking sites like Twitter and Facebook are now becoming a tool for people in a marketing capacity. Any policy you put in place would likely need to take that into account.
@Simon: There is a big movement towards more regulation, especially as it relates to data security. Few weeks go by that we don't hear about the theft of personal information or a credit card storage breach. Like it or not I think we'll be seeing more and more of those regulations be pushed down to more and more firms. Thanks for the comment!
Of course that being said I am one of the people who does not hide his firefox windows and I chuckled we reading your post because I do consider myself one of the more productive employees in our office.
Now for something completely different... I bumped into this small vector editing software and have been amazed by it. So if you haven't played with a program called DrawIt. Definitely take a look at it. http://www.bohemiancoding.com/?DrawIt
However, that said, it did tend to be relative to my job satisfaction. The less I was enjoying a job, the more time wasting I did. And the internet made it soooo easy.
Simon makes the best point about access to personal email (eg Gmail), the risk of data theft out that open door is very high.
I used to be in IT and was responsible for implementing web and email filtering. It was about 5 years ago, but I chose ContentKeeper for web, and MailMarshal for email.
I like Gerard's idea of posting time wastage for all to see, but I reckon it should show the cost as well, E.g. This month, across our 50 employees, the company saw 2250 hours of access to clearly definable non-work related internet sites. On average, that equates to $45,000 lost productivity. BTW Xmas bonuses may be down this year.
When I was a manager myself, I was all for personal responsibility, as I believe that gets the best out of staff. So I wouldn't question my staff's internet usage (provided it wasn't potentially offensive) and provided they got their job done.
But this has a serious flaw. You run the risk of people only getting their job done. So they can end up doing the minimum. I know I was guilty of that.
So instead of an employee saying "Boss, I've finished all my work for the day, have you got anything I can do?" or some such, they kill their free time on the internet.
(As someone else said, time wasting has been going on for years, and this situation would also have been; however, the internet makes it so much easier and less obvious.)
This has a further problem when you're looking at staffing and workloads, and assuming your staff are fully employed.
Studies have consistently shown that employees waste too much time on the internet, some even showing up to two hours per day.
My own opinion is, based on myself and what I saw both walking around and looking at the logs, lock it down as much as possible.
(In an amazing and amusing irony, my word verification is "logratr". How appropriate!)
We have a written internet usage policy at my workplace. But no countermeasures that would stop us from visiting any one site.
Do I use our work internet for work unrelated stuff ? Sure, I'm writing here. That's completely unrelated to my work.
I think the trick is in actively making the trust a two way street.
And respecting that people are just that, people. There will always be the need to do personal stuff during work hours. Life as we know it, does not stop just because we show up at work.
In Denmark it's generally accepted (at least in the companies I've been in), that if you need to take care of personal stuff, you do that, within reasonable limits.
However, I did read an article written by the manager of SoftScan, who had the following strategy:
He recognized that there's no such thing as 100% efficiency. People have a tendency to stray from whatever they do at work.
So instead of working against that, he worked with it - every hour each employee had 15 minutes they COULD use for personal stuff, IF they had the need at that time.
On the other hand, it was expected that at least for the other 45 minutes, they would stay focused on their work.
This doesn't have to be 15 minutes. It could be 10, it would still be reasonable.
But the trick is in accepting and acknowledging that "yes, you're a human being, not a robot, and I'm willing to work with you, if you're willing to focus for me".
Scientific studies have also shown that a good employee has around 80% effectiveness in a work day. If you're really good, or really focused, I guess you could hit 90%+.
I personally evaluate on performance. Does the person reach whatever goals are set out for them ? If they don't, it's still not sure that "slacking" is the cause. There can be many causes for that.
So basic point: We're all people. I think you'll only make people resist and make them more counterproductive, or downright disloyal, if you start limiting without them having shown you a reason for distrust.
I think my work performance was way more solid when I couldn't access the internet. But maybe the true reason was youth and will to grow. Anyway, nowadays I surf the internet every now and then in a non-busy day, but I stumble across the same 4-5 sites to read and study technical documentation, other than my personal or company mail.
I believe the right way is to everyone get responsabilized in what they do and where they work. When there was not the Internet, there were a lot of coffee breaks or cigarette breaks or phone calls.
I'm a programmer, aside from the usual sort of thing where I have a lot of downtime due to compiling, I also need a fair amount of uninterrupted time to get into the groove, and the typical workday is filled with distractions. If you plotted my productivity against the number of people currently still at the office, you'd see that there's a strong inverse correlation. 3 or 4pm usually sees a bit of a pick-up in productivity because the morning meetings are done, everyone is back from lunch, and people are a bit quieter. 5pm rolls around and people start leaving for the day. At around 7 or 8pm most of the other programmers have left or are leaving. Here's where I hit my stride and can really get some work done.
Ultimately, I hate this way of working. I'd much rather be able to work well during the day and leave early because I do my best relaxing starting around 5pm, too. If I didn't have the internet to amuse me, I wouldn't be any more productive, I'd just be unproductive some other way.
In the end, it's the results that matter. I'm salaried, so how many hours I spend at my desk is irrelevant as long as my work is done when I say it's going to be and my boss and internal clients are happy. That's what I strive for, not some idealized day where the hours from 8-5 are steadily productive. Again, I'd love it if that were the case, but I just haven't had any luck making that happen.
If I had my own office, I think things might be a bit different. I know that in the past when I've had an office to myself for a week at a time or so, I was always much more productive. Even when people came to interrupt me to ask questions, it was much faster to get back to my tasks.
I agree totally with Luca on that point but it does raise an issue of concern.
The problem we must watch for is that people get proper breaks from their computers. Coffee, cigarettes, and even phone calls provided those regular breaks. What do the experts say? I think it's take 5 mins off the computer every hour.
We must be careful not to let our breaks from work be still on the computer.
Take a look at OpenDNS. You can select what sites to filter (by category or by individual site), and it's free.
And to answer your question, it's safe and wise to at least block access to sites containing malware and objectionable material.
That policy should also spell out what expectations of privacy employees have on company owned computers, servers, and networks. Again, it covers you if there is a problem. Let employees know that their activity may be monitored and recorded, and that will stop the worst of it.
Many colleges have their Policies on their websites; that would be a good place to start in developing yours .
In conclusion, IANAL, you may want to consult with someone who is.
Again an issue of personal responsibility. However - we throw a few things into the mix.
1. We have a VERY rigorous selection process - so we select for users that have high responsibility, ownership etc. Even if the occasional one slips through (and they do) they are generally surrounded by coworkers who keep them in line.
2. We administer internal communications audits twice a year - where you rate your coworkers on their responsiveness, ability to compromise etc. Not a 360 but a simple 10 or 12 questions on a 5 pt scale that gets to the real work issues. Those scores are looked at closely, and compensation is tied to it. Missing a couple of bonus checks because of a bad score can fix you right up.
3. We compensate our employees on their productivity. You get a small base and X dollars for each page you type etc. It's not an easy system to figure out - but once its in place you get 2 side effects - a) people work harder and don't really want you to hire additional help - they'll take the extra work and $$ and b) If you don't work, you don't get paid - so you don't waste a lot of time on facebook etc.
BTW - this also guards us against layoffs etc. Because we are all sharing the pain in a slow economy - and feeling the boost of fat times.
Do I see my CIO or other colleagues on Facebook at times? Sure - but when a deadline is hitting - I promise you - few people are sniping bids on eBay. Those that are, self identify - and justice always seems to get done :)
My experience has been that it's better to pay the lawyers up front to help build or review reasonable policies than it is to pay them to defend you in court.
Legal issues aside, my real focus—and the reason for this blog post—was to open a discussion on how internet access impacts personal productivity.
Thanks for the comment Mike, I really appreciate the responses we've been getting in here; hopefully it builds up some background for managers trying to understand the issue.
This is my opinion when you get into larger IT environment there are people who will abuse what they have access to. We even had a person call in a ticket to the help desk because they could not get to a porn site. At a remote location we had a person bring in their personal modem hook to a desk and connect to their ISP so they could surf the web. This was after hours of course since we are a 24 hour shop.
There are bad apples in every basket and the tools where invented for the abusers but they also help keep everyone in line.
My verdict is that personal responsibility only works for some people. Others would be very productive but would take that as an excuse to surf for the rest of the day (trying to hide it from me). No one abused to look at porn although some gentlemen would check date sites.
One very responsible lady would clock out to surf for personal reasons - that is very honest!
I am working as an internal communicator. When I got the job I didn't have a clue about what the job meant really. If you are interested here is the whole story: http://behindthefence.wordpress.com/2008/12/30/tale/
But back to the topic. So when I started to work there I used the net to educate myself related to internal communications. Best practices and so on. You think that I could do that in my spare time. But actually the situation was that in the beginning I didn't have so many tasks. Later on as I improved my skills and knew more about the subject I discovered the work for myself.Now, I do not have boring hours...
To sum it up: internet access should be limited until a certain point. Depending of the job you have to do some exception regarding the access of certain sites. For example, I do some kind of online press monitoring also at the company nowadays and I need some news sites for that purpose.
Finally, a short (true) story: once I went to the IT manager and said that I need to access to a certain site, which was blocked. He asked me what would I need that for? I replied "Well, it is the global site of our company..." He didn't pose more questions...
The Internet is a tool. It may be used for many useful purposes and it may also be abused to the detriment of your company.
By choosing a one-size-fits-all approach to the problem, you either open your company up to potential abuses (as stated above by other commenters), or you insult the employees that know how to obey the rules and balance their work and personal time. You pay a price either way.
Or, you use a hybrid model and restrict connectivity on a case-by-case basis. Trust all employees initially. If you need to restrict certain individuals based upon previous incidents, restrict them personally without punishing the entire team.
I think it's actually scary how people are looking for control, instead of self-management - which would be the obvious and productive way.
Anyway - I choose to trust that people to what they need to do. I don't mind people surfing personal sites, as long as they generally reach the goals set out for them personally, the department, and the business.
I see the internet as a tool. I *constantly* Google stuff. I network with other professionals. Or people in other fields for that matter.
And while not directly beneficial to the company, it keeps me as a professional and human being, in the loop. Which in turn IS beneficial to the company.
I'm currently looking into building a business case for my workplace, for using Enterprise Social Networking and knowledge tools such as wiki's, on an enterprise level.
What I'm using to gather information ?
Google. Social networks. Communities.
Is it part of my job description ? Partly. I'm the primary responsible for messaging and collaboration. Enterprise social networking and knowledge management are not a direct area of responsibility for me.
But I'm driven by my interest for it. And my firm gut feeling that the place I work would benefit MASSIVELY from using those platforms.
And in the end, when (I'm not saying if, I really mean when) my business benefits from me having strayed from the immediate path - the company will benefit directly from that.
If you kill personal innovation, creativity and initiative, you get far less from your business and employees, than you could.
I get to see this sort of thing all the time. We run our own IT company and manage several sites, some where there is restriction to the Net and others where there isn´t.
I´ve also been involved in processes going both ways.... ie. clamping down an open network and opening another up.
The biggest issue I see is one of **trust**. It´s a powerful statement to employees when measures like this are in place and that statement is generally taken as ¨The Boss doesn´t trust you¨
Time-wasting employees will find another way to skive off if not on the internet and so the issue is more one of the heart than of technology.
I believe that the mature/professional (and most awkward) stance is to confront the time waster and talk it through. Unfortunately the most common stance is to filter and monitor, usually in a subversive manner, and snap them when they break the rules.
It´s a fine line to walk between rights and responsibility (especially in the area of inappropriate content).
Food for thought!!
David Czepanski.
My one major complaint about our system is that it is not uniform. For example, currently I can get to Photobucket without an issue but ImageShack is blocked as a photo upload site. Currently I can get to all of the Digg mirror sites but TinyURL is blocked as a connection proxy.
I noticed that many of the comments mentioned publishing Internet usage statistics. We did have this in place a few years back but it was removed as a possible legal issue with pointint fingers at certain employees. If you do go this route I would recommend some way of displaying the information to the employee with like a ranking number and the bandwith usage. Another system we had used tracked how many hits we were giving individual websites. It was interesting information but in the end it was found to provide no value. (ie Knowing that a certain bank gets 20K hits a day just doesn't help.)
When I am very busy at work I rarely browse the Internet, but if my schedule is light I browse the Internet more often.
I ask myself did I just successfully complete an intense project so I could take it easy for now OR am I in the middle of an intense project and don't have a minute to waste.
With or without the Internet slackers will find ways to slack off. Just give Internet abusers tighter and more frequent deadlines, make them more accountable, and throw the whole agile process at them and watch their usage drop substantially. Really, I think it is as simple as that because it always worked for me that way.
Plus how far we want to go? Should we also cut off all personal cell phones? Monitor game usage and see what they are typing in a word processor?
Many may disagree but I think it is OK to allow an employee to use the Internet to take care of a personal task during their lunch time. It may save an employee a lot of time and headache which will help them proceed through the day better.
Having said all that I need to mention that Internet usage could be disruptive to the group as a whole. On two occasions while working in well established companies I noticed that some people browse porn sites at work. What was demoralizing is that while I was working so hard to meet tight deadlines, others seemed privileged to browse the net so irresponsibly. I never dared to hit a porn site at work. (The last Internet company I worked for allowed programmers to access any site since we often did view source, crawled web pages, etc. on external sites)
Anyway, I still think the Internet is just a symptom and not the root cause. With better project management and employee motivation the issue could be almost entirely eliminated.
I wrote this from an employee's perspective as I should mention that I don't have a lot of proven management experience.
I work for a Fortune 500 Company, Oil and Gas Services. The company uses Websense to block sites like Facebook, Porn, Gambing etc. They also filter for certain words so legitimate sites also get blocked.
They make every responsible for what they look at and everything is recorded and can be used when needed. For example, it's slow now and people are being retrenched. For sure they are looking at heavy users of non work related sites and making this info aware to Supervisors and Managers.
That being said, walk around the cubes and any given time and I see people on the internet all the time. For some reason, Ebay and Facebook are not blocked, so I guess some of the VP's and etc. use them.
Myself, I check email and the news in my own time, usually limited to no more than 30 minutes per day.
I'm one of those ultra-productive types. At my last company, we had moderately limited access: facebook and youtube were blocked; personal email was not.
I will admit that I set up a couple of my home machines up for co-workers to log into to get access to the blocked sites . . . for a small fee.
You can read that how you will. It gave me a competitive advantage because my buddies were paying me for the privilege of wasting company time while I was being productive.
And it would've worked out beautifully except that I accepted a rather fast promotion. I lost seniority when I took that and was one of the first to get laid off when the economy tanked last fall.
But to my point: good, effective employees will be good and effective no matter what freedoms they are given. People who aren't so committed won't be good no matter how restricted they are.
I'll also freely admit to sometimes taking 45-minute smoke breaks, but I wasn't really on break. I was on the phone with clients, on the blackberry getting work done, having impromptu meetings with various people in the company trying to get stuff done.
I see limiting access as a band-aid that punishes responsible employees and allows poor employees less rope to hang themselves with. As a manager, I would want to have the ability to look at someone's web stats and say quite simply, "You violated the agreement."
I will also mention that I was on the pilot team that tested work-from-home setups. My productivity didn't drop (until I was laid off), in fact, it increased.
It was easier and more convenient for me to get to work earlier and stay later. Because I was at home. All I had to do was wake up, open the laptop, and I'm at work.
So to me, the question is more about how you go about finding those people. It's awfully hard to tell what kind of an employee a person is from a resume.
I used to work for a company that had NO internet access, just intranet. I was very productive, but I was too stressed, I eventually moved on.
Btw, my boss also caught me "minimizing" the other day. It was very embarrassing for me, and she give me the... lecture. So now I have devised quick techniques to throw her off. Sorry I can't tell you, you're the enemy :)