

Report: Personal Internet use at work out of control  - quoderat
http://arstechnica.com/tech-policy/news/2009/04/report-users-on-enterprise-networks-out-of-control.ars

======
TomOfTTB
I can vouch for the validity of a lot of what is in this article. I set policy
for a network of a little over 200 computers. When I first started I was
pretty lax. My opinion in regards to the internet was I didn't care what they
used it for as long as it wasn't illegal or dangerous. If it interfered with
their work output their boss could deal with it in the same way he'd deal with
someone reading a personal book or calling a personal friend at work.

But unfortunately it just spun out of control. I had two DS3 lines at 45mbps a
piece and they were getting maxed out. I had people bringing in their personal
computers and using the wireless network for p2p, people watching TV in their
desktop background and all kinds of other stuff.

Eventually I had to shut it down. Employees needed the internet for actual
work purposes and the personal stuff was causing that to run at painfully slow
speeds. In the end I still try to give them a little freedom but only to view
regular websites. Anything video/audio related is blocked (to the best of my
ability)

~~~
nostrademons
I can vouch for it too. I'm reading Hacker News on my work laptop at midnight
on a Sunday night, while also SSHed into my workstation and working on a tool
to make tomorrow's task go a bit quicker. This sort of blending is somewhat
inevitable when you encourage people to work "just whenever" - if I couldn't
use my work laptop for personal tasks, I'd just use my personal laptop (which
is what I do when I'm doing non-employer-related code), which means I wouldn't
be working on work tasks, which means less productivity for my employer.

~~~
TomOfTTB
For the record, I've found that people like you are generally not the problem.
People like yourself (and myself for that matter) tend to get assigned more
work because they are responsible enough to ask for a new assignment once
they've completed the old one. This means you have an endless supply of work,
some of which you end up taking home with you. But the reality of that endless
supply of work means that you spend most of your office time on it.

The people who tend to abuse workplace Internet are those who don't ask for
more work but instead sit around and wait until someone comes and gives them
more work. This delay leads to a lot of personal Internet time.

Something else to remember is that Broadband Penetration in the U.S. is still
only at 57% which means a lot of these people (who are in the lower income
level to begin with due to their lack of initiative) don't have high speed
internet at home. Which leads them to do most if not all of their personal web
surfing at work.

------
JulianMorrison
Suppose in a company of N employees, you allocated an absolute cap of 1/N of
the total upstream bandwidth to each Ethernet port. You wouldn't do that,
because it would be slow. So you have to recognize that what you're doing is
_over-committing_ bandwidth. You are relying on less than N users sharing.
But, bandwidth is a freebie to employees. They gain and don't lose if they
maximize usage. That means that they can and will pour effort into subverting
any and all firewall controls. That's a race you can't win.

Looking at it economically, what's the answer? Obviously, you have to start
charging for bandwidth. Treat it as part of the department's budget.

~~~
TomOfTTB
Tried it, didn't work out so well. The problem is that a lot of these people
are doing actual work too. So you get situations where Department A needs the
Internet because their applications are web based and Department B has all
desktop apps.

If you then choose to charge Dept A. accordingly they balk because they are
being penalized simply because their applications are on the web.

Also keep in mind that an IT department doesn't want to become the Internet
police. Which is exactly what happens when you try to charge individual
departments because they rightfully claim they can't watch their employees
every second to see if they are using the Internet for personal use. Meaning
it turns into a big hassle where you have to comb through firewall logs
identifying each employee and how much internet they used and then create a
report based on that.

All in all it's a good idea in theory but one I haven't found a way to
implement in practice.

