Just a couple more comments. a) The company I work for operates a similar regime. Getting it changed is just not going to happen. There are filters that do net let us email some attachment types (exe, bas etc.) to each other on the internal network. This is really inconvenient at times so a number of workarounds have been developed (change the extension to something permitted, zip with encryption, send the zip andthe encryption key) This workaround is, in fact, suggested by our local IT dept. So, given some workarounds are "allowed", who says what isn't - provided the intent of the rule is not broken. b) There is a famous quote from someone (TS Elliot ?) relating to progress and how it is a result of people breaking the norms or the rules. Similar to "Do what you've always done & get what you've always got" but related to the progress of civilization in general. The same thing could be seen to apply to working within artificial boundaries. We are employed for our ablity to use our skills and be innovative. We can hardly be blamed for being innovative in finding better ways of doing things. (Not that either of the above arguments could be expected to assist if everything turns to custard.) RP On 16/02/2008, Sergey Dryga wrote: > Xiaofan Chen gmail.com> writes: > > > > > On Fri, Feb 15, 2008 at 7:51 PM, Gerhard Fiedler > > connectionbrazil.com> wrote: > > > > > > Setting up a VPN is not the solution. > > > > > > Why not? Let's look at this from a moral POV. The objective of the > > > department that set up the web traffic cop is clear: they want to prevent > > > employees from browsing non-business related sites. As a side effect they > > > severely harm the work of employees who need to browse sites as part of > > >their job function. Now one of those harmed employees finds a technical way > > > to improve the browsing capabilities and uses it only for job-related > > > browsing. Where is the moral problem? > > > > > > Of course, it may be prohibited by some kind of employment contract, but > > > chances are it's not. If it's not, where's the problem at all? > > > > > > > The problem is chances are that the IT department has already policy > > in place saying that this (setting up unauthorized software to circumvent > > company IT policy) is against the policy. And this has been my > > experiences. > > > > Xiaofan > > Gerhard, > > Even reasonable people might not realize the impact on business operations > immediately. In addition, there may be other factors influencing their > decision, such as (i) lack of time - poor excuse but very real; (ii) other > issues that cannot be discussed with everyone; (iii) fear/unwillingness to > challenge HR rules due to litigation environment, etc. > > The moral problem with the technical solution is this: Who decides (proves) > that rogue VPN is used for job-related activities? > > In every company I have been, sys admin will scream, or take the head off, > of anybody who sets up unauthorized service on internal network. > And they are absolutely right. It is sys admin's job to keep internal network > operational and safe. A rogue VPN does not fit in any definition of safe. > Even if it is setup for job-related activities, it can as easily be used to > dump confidential data out of control of the company. If we look at this > issue from this point of view, I can see repercussions from Sorbanes-Oxley > act compliance, 21 CFR part 11 compliance (not sure if it is applicable in > this case, but it is in my company) and probably a host of other laws and > regulations (even maybe DMCA). > Now, I am not saying that all these laws are great, but they are laws and why > one would set himself up for potential prosecution is beyond me. > > So again,from technical point of view, this is a fine and solvable problem. > >From the point of view of business life, technical solution for this specific > problem is not a good one. This problem should be solved using bureaucratic > means. > > > Sergey > > > > > -- > http://www.piclist.com PIC/SX FAQ & list archive > View/change your membership options at > http://mailman.mit.edu/mailman/listinfo/piclist > -- http://www.piclist.com PIC/SX FAQ & list archive View/change your membership options at http://mailman.mit.edu/mailman/listinfo/piclist