Thirty-three people at the SEC were found to have been looking at porn at work over the past five years according the a summary of internal probes conducted by the SEC’s inspector general and reported by the Wall Street Journal and eSoft.
Without imposing my social norms, it's very bad form to surf porn sites while at work – to say the least. The SEC, part of our US Federal Government, is supposed to be protecting investors who buy stocks and bonds. Sarcastically, how can they be protecting investors if they are surfing porn? Simply, they can’t. As a hard-working tax-payer, I feel as though I can be a bit selfish in asking that our government employees who are pulling in $99–220,000 per year actually do their job of watching the activities of the securities industry and not the activities of porn stars.
However, with all there is to offer on the internet, it takes more than just discipline and good intentions to keep employees off non-essential activities when they are at work. Sure they want to check the scores of their favorite team or just check-in with their friends via their favorite social-networking site. However, that starts them down a slippery slope of misuse of the network. Since they are checking scores, they might as well check a few personal emails, their home DVR settings, add to their virtual farm, take out a few angry birds, and even catch-up on their favorite blogs on hunting in Montana.
Next thing you know, the morning is gone. And, by the way, their customers have a crisis and they were not on top of it because they were managing their virtual farm and not the assets of their customers. We are all susceptible to the allure of staying connected with our outside world while we are at work, but we need to stay focused on our duties and responsibilities of serving our business and it customers. That is our job.
From a manager’s perspective, we have a desire to make our work place friendly, but we have the responsibility of keeping our company, its employees, vendors, and guests focused on our business and our customers. That means managing the use of the company resources (such as Internet access). Because every company has unique needs and no single solution works for all environments, the first step in managing your business internet resources is first measuring its use and then implementing company-specific rules to manage it through proper computer network security.
Internet access represents such an enormous opportunity and capability for business. We cannot live without it (at least that is our impression). However, as with any technology, it can be misused. This can be as innocent as checking personal email or as severe as leaking propriety data (intentionally or unintentionally). Surfing porn is somewhere in between. Managing, having the ability to obtain objective reports on internet usage, and ultimately blocking access to inappropriate or dangerous websites is critical to managing the business network and ensuring it is empowering your business and not placing it at risk.
In order to receive the benefits of your network assets while minimizing the business risk of misuse, all companies should regularly look at how their network is helping keep them, and their employees, away from activities that ultimately expose the company to risk, liability, or embarrassment. We can always say that we have taken steps to discipline employees who break rules or misuse company resources, but have we taken the steps to prevent similar problems from occurring in the future?
People are the weak link in any system and distraction is human nature. However, the business network and its network security components can help manage the risks associated with the Internet and reduce the opportunities of mischievous (if not criminal) behavior that cause problems like those we have observed with the employees of the SEC.