--

Enforcement of company web access policies

So, uh, I didn't realize I was connected to my company VPN and accidentally went to a number of, shall we say, "adults only" sites. I disconnected as soon as I noticed, but I'm wondering what your past experiences have been with the strictness of web access policy enforcement at your companies.

I had an experience at a previous job where my (female) boss came up to (male) me and had "the talk" about how she'd gotten reports that I was accessing inappropriate sites from work. That particular instance was in error (freshmeat.net is NOT a porn site), but it was still an awkward moment. I'd like to avoid repeating it if at all possible, especially since I'm actually at fault this time.

Any suggestions (besides the obvious pay-attention-to-the-VPN-icon,-dummy)? Has it made a difference if it was over a VPN versus the company LAN?
Permalink Blushing 
March 4th, 2005
VPN access is typically, at least at the company I worked for, given one of a pool of IP addresses. Since it's not your regular IP address, your web browsing activity might not be logged & reported in the same way. You can check your IP address by typing IPCONFIG at the command line.

If it does show up on some sort of browsing report (assuming your company creates them & your manager looks at them), I still wouldn't sweat it. If your boss is a man, he probably surfs them too from time to time, and unless you're into some really bizarre stuff, I wouldn't worry.

You might be able to configure Privoxy to put a big fat banner on top of any web page you visit that says "WORK PROXY" or something to that effect to prevent future indescretions... but then, I doubt you'd make the same mistake twice.
Permalink MarkTAW 
March 4th, 2005
To address the original issue - that your traffic went through your company's network - you can uncheck "Use as default gateway" in the advanced TCP/IP settings of the VPN connection (presuming that you're talking over the public internet rather than a direct dial-up). I believe in older versions of Windows you had to post-connect drop to a command line session and do some ROUTE commands to set your normal connection as the default gateway.

ROUTE DELETE x.x.x.x.

ROUTE ADD 0.0.0.0 blah blah

(so only company subnet packets go to the gateway)

Quite apart from hiding your pornery, it saves the inefficiency of packet circumnavigation.

BTW: Most VPNs have full logging of all activity. I would 99.999% guarantee that they know exactly who held which IP for what period of time.
Permalink Dennis Forbes 
March 4th, 2005
Ditto to what the previous folks said. As far as "what's going to happen if they find out" - it depends on personalities.

I worked at one company where the sysadmin told me that he laughed at the web logs. At another company *I* was the sysadmin and they never even asked. Larger companies generally won't say anything unless it looks like that's all you're doing during working hours.

Finally, the wrong conflux of personalities can result in automated reports being sent to HR - one bad hit and the contents of your desk are mailed to you. :/

Philo
Permalink Philo 
March 4th, 2005
We had a problem where my manager came to me one time and said that there was no real reason for me to access Maxim magazine 25 times a day, especially when it was bloked by our Websense.

Baffled, I went back and realized that one of the sites I would get information from had an ad for Maxim that was server from the Maxim server. So the ad was being blocked, and I never noticed it because the graphic just wouldn't show up.

Luckily I was able to create a brief proof-of-concept page and the whole thing was dropped, but it was a little gut wrenching at first.
Permalink Cory Foy 
March 4th, 2005
The main reason for banning access to porn sites, apart from the fact you shouldn't be doing surfing on company time, is fear of sexual harrasment cases from disgruntled female staff obliged to view smut on their maie colleague's screens. Therefore I wouldn't think they'd be over bothered over access through a VPN
Permalink Stephen Jones 
March 4th, 2005
That's assuming they've got the intelligence to understand the base reasons for the ban, rather than thinking it's simply a ban on what ANYONE might find offensive, regardless of locaion, privacy, or context.
Permalink muppet 
March 4th, 2005
You should have seen the dirt fly when the virus/junkware scan found a drive-by download from when the boss's kid was surfing gambling sites when he was supposed to be working...

Sometimes it's good to be the one who knows where all the bodies are buried... [evil chuckle]
Permalink cubiclegrrl 
March 4th, 2005
Mr. Jones: Speaking purely for myself, I don't think that it's so much a matter of porn withering my delicate sensibilities. I think it's more that I frankly just don't want to, y'know, *wonder* about my co-workers. As in, "Am I working with the next BTK?" kinda thing... I know quite well that it's not entirely rational, but men aren't raised with the bogeyman of rape either.

If you want to go ahead and tell me to grow up and take karate lessone or pack a gun or whatever, that's certainly your perogative. I just wanted you to know where I was coming from, and that not all women take offense at pornography just because they think it's "icky" or whatever.

Thanks for hearing me out.
Permalink cubiclegrrl 
March 4th, 2005
So cubicle girl, your argument is that men who look at porn are more likely to be rapists?

Lady, you're either incredibly sheltered or just really dumb.
Permalink muppet 
March 4th, 2005
Muppet: I said that I know that it wasn't rational--it's basically a stereotype that happens to play into the headlines. You know: Holly Jones--that sort of thing?

I'm *not* making any empirical connection between pornography and criminal behavior. I'm not a social scientist. I'm merely asking Mr. Jones to step into a different headspace for just a minute, because for me it's not at all the "Eeeeeeeww" factor that would freak me a bit if I caught a co-worker on an XXX site.

I hate, hate, hate to say, "It's a chick thing; you wouldn't understand." So I'll just note that I was raised as a the oldest of two latchkey kids, both girls, by a single Mom in a less-than-white-picket-fence kind of neighborhood. The associations between porn and the creepy neighbor two apartments down are a long story (nothing bad happened, just some creepiness involving my little sister). But suffice it to say that the mental association for me was formed pretty early on. I'm sorry to say that sometimes no amount of "education" can override early conditioning.

Honestly, though, if you found out that your boss was, like, big into the whole dominance-and-submission thing, would you not in fact start to look at her/his micro-management just a *little* bit differently? ;-)
Permalink cubiclegrrl 
March 4th, 2005
Depends who's looking at your screen and your logs.

Surfing on the boss's time isn't going to endear you to your team let alone your boss and some stuff is recognisable from quite a way away. It was a difficult thing to appreciate, me being an engineer, that roughly half the workforce isn't into nature study and Elle McFurseal's mammaries weren't a good choice for desktop wallpaper and they had to go, right now, dammit :-(

However the OP presumably wasn't at work, simply on the boss's VPN. So what. Uh, the logs. This is more of a worry. If tackled, ask for the log timestamps to be taken into consideration.
Permalink trollop 
March 4th, 2005
To clarify, this was at like 1am... the VPN was just still logged in from earlier in the day. And it was nothing freaky, pretty standard fare (except one link site that occasionally posts kink-related links, much to my chagrin when my mousing misses the intended target). I actually didn't even look at any pictures, I'd just hit my mozilla tab group for the sites and only then glanced down at the happily tattling icon. I'd bet they hadn't even completely loaded before I said "oh shit!" and disconnected.

Cube: I understand where you're coming from, I wouldn't particularly like to know the sexual interests of my coworkers. But, and I'm not arguing in my own defense but rather on an academic level, should your admittedly irrational associations be the basis of company policy? I'm honestly asking... I can see the benefit of protecting peoples' psyches for pure morale purposes, and to avoid crossing that blurry line into sexual harassment, but a part of me doesn't like how disingenuous it is to pretend that people don't have personal (including sexual) lives.

In any event, while that would cover people looking at porn from work, do you think it would/should probably absolve people accidentally using the VPN at home?
Permalink Blushing 
March 5th, 2005
OK, muppet, let's go over this again.

You're in the market for a car. You see a hundred TV ads showing you how car XYZ is beautiful, efficient, has a 50-disc CD changer, whatever. You become more likely to buy car XYZ. It's fairly simple, and it's how advertising works.

Now if you're making minimum wage and can't afford car XYZ, that's that. But if you can, and you might buy car XYZ, then the purpose of advertising is to give you that little push from "might buy" to "will buy".

Analogously, not everyone who looks at pornography will suddenly, or even gradually, become a rapist. It doesn't work that way. Like advertising, it only gives you that little push, so that those who are right now in a state of "able to commit a violent felony" gradually transition to "just looking for the right opportunity."

These are not difficult concepts. It's ironic that, because you can't grasp them, you accuse someone else of being sheltered or dumb.
Permalink Kyralessa 
March 5th, 2005
Blushing: I do think I know where you're coming from, honestly. And I like to think that if I ever were setting company policy, I would be adult enough to "firewall" those early-set associations. Just as I would have to--in the name of fairness--squelch a whole lot of other personal biases, preferences, etc. that just come with being human.

If I sounded like a Victorian prude judging you, you have my sincere apologies. I do agree that it's not completely honest to pretend that we're not sexual beings. But, too, work's work and we have to pretend a whole lot of things to get through 8+ hours that we will never see again. Sigh...

Kyralessa: My gallant defender! ;-) Thanks for saying so well what I should have said right off. You're my lunch-box hero today. :)
Permalink cubiclegrrl 
March 5th, 2005
Kyra -

Not to play into your last statement, but what a stupid argument.

By your argument, someone who is more likely to become a rapist, is, well, more likely to become a rapist. The correlation has nothing to do with porn, and you sound like an idiot when you try to argue that looking at porn makes you more likely to be a rapist. The propensity has to be there.

I'd argue that NOT ever looking at porn makes you more likely to be a rapist, because then you're almost certain to be more pent-up and frustrated. I'd be afraid of guys who never, ever did.

There is no rational argument for porn as "warning sign" of potential violence.
Permalink muppet 
March 6th, 2005
I was just going to say something similar. I mean, I could see Kyra's argument if someone were into fare that depicts faked rape or something, but c'mon... Just the standard stuff edging someone from 'thought about it' to 'waiting for the opportunity'?

I doubt it.

Actually, considering rape has very little to do with sex and everything to do with power, it would seem to me that since I see no relationship of power and porn that it is all the more unrelated.

Keep working on it though, maybe one day you'll edge your way from lunchbox hero to potential one nighter. ;)
Permalink I am Jack's one night wonder 
March 9th, 2005

This topic was orginally posted to the off-topic forum of the
Joel on Software discussion board.

Other topics: March, 2005 Other topics: March, 2005 Recent topics Recent topics