Re: Restricting private "webmail" access from government employer network?

["ॐ aditya mukadam ॐ" <aditya.mukadam () gmail com>]

On Thu, Aug 7, 2008 at 8:04 PM, Meenal Mukadam <meenal.mukadam () gmail com> wrote:

Eric,

Now a days and most of the time, the companies which blocks personal
web-mails etc also block complete internet access.The
management/policies (of such companies) donot want the employees to
access web-mails as they might unknowingly download virus/worms from
emails. Such companies might not have the required man-power to handle
such risk.

If such company decides to allow their users to user web-mail and
internet below are few reasons:

1) The management/security team has installed some URL
filtering/content filtering tool which would now allow them to have a
detailed report of 'which user accessed which site, how many times
etc'. This is most common reason for them to allow the access so that
they can monitor your behavior which will help them than simply
blocking access.
2) The management/security team is confident of counter-measures in
place in case a user downloads virus/worm from their web-mail.

Thanks,
Aditya Govind Mukadam

> Hello Eric,
>
> One more reason that i can think of is: "One cannot completely block
> those services!" Blocking has ben tried....but nothing can stop a
> determined user....it just slows them down...."
>
> By blocking, resources in terms of time, money, human resource, etc
> are just wasted. What I mean is few users are so determined that they
> will fiddle around with tonnes of proxies and settings to bypass the
> restrictions during their working hours. Few even take it up as a
> challenge or a fun item to try and bypass the restrictions. So the
> resources that I mentioned before are wasted when they can be utilised
> in a better way....
>
>
> Kind Regards,
>
> Meenal A. Mukadam
>
>
>
> On Tue, Aug 5, 2008 at 1:34 PM,  <krymson () gmail com> wrote:
> > I read this as you asking why employers may change their mind to allow external non-work webmail access.
> >
> > One reason has already been mentioned: happiness and productivity in your workers.
> >
> > Another reason: Ever try to block all the webmail sites out there? Sure you can swat down hotmail, gmail, yahoo, 
> > hushmail and other big ones. But ever try to find my SquirrelMail box on my server at home? Good luck there. You can 
> > block a ton, but the security teams will never, ever say that they are confident no one is using personal web-based 
> > email. This can translate into a failed endeavor in the business world, thus employers may allow it.
> >
> > My last reason: Someone in a position of power (CEO/Exec/HR Exec) needed to access his Yahoo account at work and got 
> > cockblocked. Then, since it was suddenly his pain and not just everyone else's, he made steps to challenge and 
> > change that policy. :)
> >
> >
> >
> >
> > <- snip ->
> > It seems some employers decide to block access to personal email/webmail
> > from employer networks, but then later change their mind, in favor of
> > allowing private (non-work related) webmail access.
> >
> > Having researched the issue a bit, supposedly there are very few valid
> > reasons to allow private email/webmail access from a corporate network, and
> > many reasons in favor of restriction/banning.
> >
> > If this is true, why do employers nonetheless change their mind mind in
> > favor of allowing webmail access? What is/are the deciding factors?
> >
> > Thx,
> >
> > Eric
>
>
>
> --
> Meenal A. Mukadam
>
> -------------------------------------------------------------
> Far away there in the sunshine
> are my highest aspirations.
> I may/maynot reach them,
> but I can look up and see their beauty,
> believe in them and try to follow
> where they lead
> -------------------------------------------------------------