Re: Blocking Music Sharing.

[<srenna () vdbmusic com>]

The company I was at before this was ridiculous, as bad as
it was for you.  The company had a massive MP3 server and
he basically had me cut off access to it to everyone except
for him...i should call the RIAA on his ass...

don't waste your time trying to enforce this man, you're
not liable for anything as you're an agent of the company,
so don't stress it.



On Tue, 16 Sep 2003 23:27:07 -0500
 "Rick Kingslan" <rkingsla () cox net> wrote:
> "Bottom line is if management won't back the admin's
> attempts to stop things
> like this from the office, and the admin can't (for
> whatever
> reason) prevent it from a technical level, then the admin
> has no place in
> taking upon themself to embarrass or discipline
> employees.  There's no place
> for BOFH in today's corporate environment (IMHO at least)
> and things like
> this are unfortunately what gives seed to many admin
> types I've either fired
> or wanted to choke to death in the past.
>
> Let management enforce the AUP in a professional manner,
> taking the issue
> seriously or not at all."
>
> In my current situation - I can't enforce crap because
> the biggest offender
> is one of the VP's.  Seriously.  Currently, my hope is
> that he's d/ling
> enough to catch the attention of the RIAA.  With any
> luck, he'll be served
> and jailed in a week or so.... ;o)
>
> Honestly, you make good points - and you are clearly
> correct.  Trying to
> enforce policy that is either not communicated, or badly
> done - is stupid
> and ill advised.  
>
> However, if the policy IS communicated, sometimes you
> only have to make an
> example of one or two offenders - with your actions
> strongly backed by
> Executive Management.  Typically, if the rest of the
> peasants see someone
> strung up out in the main courtyard or the main lobby -
> they get the point.
>
> I'm really into good examples.  AUP works - examples
> _with_ an AUP works
> better.
>
> -rtk
>
> -----Original Message-----
> From: full-disclosure-admin () lists netsys com
> [mailto:full-disclosure-admin () lists netsys com] On Behalf
> Of Jonathan A.
> Zdziarski
> Sent: Tuesday, September 16, 2003 9:33 PM
> To: Ron DuFresne
> Cc: Cael Abal; full-disclosure () lists netsys com
> Subject: Re: [Full-disclosure] Blocking Music Sharing.
>
> > > I heartily disagree -- if an offense is considered
> serious enough to 
> > > warrant being prohibited in an org's Acceptable Use
> Policy then 
> > > there should be real punishment involved.  If an
> offense isn't a big 
> > > deal, then the AUP should be rewritten.
>
> My belief is that proactive prevention should always be
> tried before even
> getting to this level; there should be differing levels
> of severity in
> punishment for those who violate the AUP, but I see no
> reason not to block
> the common ports as a first attempt.  Nearly every
> company has a corporate
> firewall (or at least should).  Many P2P sharing tools
> are on obscure ports
> that could easily be blocked.  Even a half-baked firewall
> policy ought to be
> able to prevent sharing.
>
> > > A Wall of Shame just sets a bad precedent -- a user
> could argue that 
> > > the rules were ambiguous.  "What?  You can't fire me
> for running 
> > > that root exploit!  None of the other rules were ever
> seriously 
> > > enforced, our policy is a joke!"
>
> Exposing employees instead of dealing with situations
> privately is always
> bad politics, and can be an easy way to kill morale (not
> to mention bring on
> a lawsuit by an embarrassed employee).  Enforce the AUP
> in a private, civil
> manner.  
>
> Bottom line is if management won't back the admin's
> attempts to stop things
> like this from the office, and the admin can't (for
> whatever
> reason) prevent it from a technical level, then the admin
> has no place in
> taking upon themself to embarrass or discipline
> employees.  There's no place
> for BOFH in today's corporate environment (IMHO at least)
> and things like
> this are unfortunately what gives seed to many admin
> types I've either fired
> or wanted to choke to death in the past.
>
> Let management enforce the AUP in a professional manner,
> taking the issue
> seriously or not at all.
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.netsys.com/full-disclosure-charter.html
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html