I worked for a moderately larget software company (200m revenues) and we were doing just fine. We got bought by a big company (revs 1B) and they clamped down on us. They shut off IM, banned skype, banned chatrooms, banned software as a service usage (like BaseCamp), banned itunes, etc. This all was done for our "protection."<p>They claim that for legal reasons they can't allow any of the above. Legally they need to be able to monitor everything we do and have documentation of it.<p>I talked to a CEO of a company that has been thinking about going public and he confirmed to me that his lawyers advised him to shut down IM, ban iTunes etc.<p>So my question is: is this BS? My understanding is there are many publicly traded companies that allow IM, iTunes, whatever you want (Google, Microsoft?) Why is it that it's ok for some and not others? Does it depend on how paranoid their lawyers are?
Is it BS? Yes. Is it necessary? Yes - but not to you.<p>Big companies are run with other people's money. These people don't trust you and/or your boss(es) any further than they can throw you. I don't blame them frankly. There have been far too many examples of why they are correct not to.<p>So these other people figure that the best way to safeguard their money is to make sure that you and your co-workers are legit. The only way they can do that though is by hiring yet more people to ensure that you actually tell them the truth about what is happening to their money. It's these third parties, the "auditors", that run most large companies.<p>Auditors have found that there is a certain set way of running companies that tends to result in the least amount of risk to the money that funds the operation. The money that belongs to someone else. Auditors ensure that the company is run according to these principles.<p>Ergo: the fact that some rimjob 3 states over once used iTunes to and IM to run a kiddie porn distribution ring or whatever and caused heartache for the money suppliers of that company means that the Auditors concluded that IM and itunes pose a risk to the other people that supply the money for your company: hence, you aren't allowed to use itunes as a matter of policy.<p>It gets even better when the government gets their hands sticky as well. Because then you get crap like Sarbanes/Oxley that basically makes being a criminal more difficult by making everything more difficult.<p>Public companies are not about the product/customer relationship. They are about the investment/investor relationship. You are the investment. Your job is to provide a moderate to excellent growth rate for as little risk as possible.<p>This is why public/large companies have little incentive to innovate in the same way start ups can, as an aside.
A company I once worked for brought in a new IT manager who implemented all sorts of absolutely crazy rules like this. Including setting the screensaver and wallpaper for every computer and blocking users from changing it.<p>Not long after he arrived it was discovered that a few of the guys in IT were using company servers and network to run a porn site.<p>Some of the stuff you mention is moderately defensible. Like iTunes (you're supposed to be working). But Skype and IM like e-mail are great productivity tools if used properly. And Skype can save a company bunch of money too.<p>I'd say there is a great market opportunity for somebody to figure out how to answer the problems you are describing. Giving IT the confidence and info that they want, while enabling the tools you are being blocked from using.
In large companies they are necessary to maintain some form of control, just so you don't have your IT department running around fixing computers all day, but not to this extent. What you're dealing with are technically-challenged control freaks.
This is a world where you can E-mail sensitive documents anywhere, log in over SSH without a trace, visit cached web sites instead of using "blacklisted" domains, use virtual host names, and set up VPNs. An I.T. person is delusional if he or she honestly believes that it is possible to fully "control" computer use.<p>The solution for securing sensitive material is not to do stupid things like posting it on any web site ("protected" or not), and to absolutely trust under penalty those who receive (paper) copies of it. And so forth.
Those of us who know how to conduct ourselves see this as unfair, but like verything else in life you have to consider the lowest common denominatior. The data leaks happen in the places that really shouldn't have the problem<p>(President, Safehouse, Limewire)
<a href="http://www.computerworld.com/s/article/print/9136053/Details_on_presidential_motorcades_safe_house_for_First_Family_leak_via_P2P?taxonomyName=Security&taxonomyId=17" rel="nofollow">http://www.computerworld.com/s/article/print/9136053/Details...</a>