End User Ignorance - How long will we cope? - Page 3
Page 3 of 5 FirstFirst 12345 LastLast
Results 21 to 30 of 50

Thread: End User Ignorance - How long will we cope?

  1. #21
    Banned
    Join Date
    Jun 2003
    Posts
    1,302
    This has been an interesting topic for me for quite some time, I have worked at several places where the AUP, pretty much said if it doesn't have anything to do with your job, you better not be caught on the site.

    While I do agree that people doing other things at work, is counter productive. There are bigger things that should be thought of when you see that log that says, all the things that people are doing to get around.

    I would personally think, that the important thing would, not be how much someone trys but if they actually succeed. This is kind of off topic but, I just see that if you are a corporation and have so many users trying to access off Network places, i.e. Ebay and other sites. Then maybe there should be a small clause in the AUP, for such acts.

    Tiger I understand your side, (Damnit your here to work, and work you shall.) The issue I am wondering is, is it truly intelligent to limit access to business projects only. I mean think about it, what does it hurt for someone to use the companies equipment to check there real estate business. Though I understand it is not what she is there for it, still dawns upon me that if there were a small clause to include. Something like.

    "While, the connection and access that you are given here is, meant to be used, for company work, you are given small leeway(sp) to do other things, these include but, are not limited to, checking the weather, checking your off network email account. Things that will not be tolerated and will result in immediadate displinary actions are, being caught on pr0n sites, (add whatever the hell else.)"

    Oh well just my thought on the entire thing, though I find the gvt. thing really funny, because TH13, the office and area you work in that is the policy but with my Gvt. experience, that is not the case, and probably won't be for a very long time. Main reason is, it just tends to be the case the Users are really idiots, I have seen users that don't know how to turn a computer on. (I am serious, the dumbass woman didn't have any idea how to turn it on.)

    Oh well...

    I would love to see that policy started and run on military servers, or networks. I don't think there is a chance in hell, that will fly.

  2. #22
    Member
    Join Date
    May 2002
    Posts
    93
    When I was in Kuwait we had a similiar problem with the lonely guys in tent city. They would go to their work stations and night and 'take care of business'

    First we would warn them, just them. We figure 'sure they signed the agreement, but they are horny...lets not come down on them too hard'

    After that we found that humiliation in front of their supervisors, supervisor's supervisors worked the best. We would just call them in, and show all of them what that person had be surfing, and show the log times from the PDC to prove it.


    I'm not sure how this would translate to the civilian world, but it worked great for us.
    Tachyon

    |-----|Alcohol is my anti-drug |-----|

  3. #23
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Whizz:

    what does it hurt for someone to use the companies equipment to check there real estate business
    Four hours a day????? That's akin to theft insofar as my company is paying her to work for her yet she is working for herself. Not to mention my bandwidth.

    More importantly companies are firing people for offense x and when the firee finds out that someone else committed the same offense and only got warned they sue.... And guess what, they win. Thus when we put a policy in place we have to be able to show that we apply it across the board with the same consequences to all. Thus when the policy says "work network for business purposes only" and don't fire this gal for running her real estate business from work then we can't really fire the person for surfing the pr0n all day can we? Surfing legal pr0n is, after all, _legal_.

    Besides, a good firing for breaking my policies tends to put those users that were straying back into line for a while....

    To put all this into perspective. I don't stop people from reading the news, sending silly greetings cards, checking the sports scores etc. Our web filter is pretty reasonable, (porn, hate speech, hacking, kids sites etc.), most of the categories are left open. What I do is go and look at the "biggest hitters" from each location every month or so. If you are up there with the high usage workers, (we have some people who _work_ 6-7 hours a day on the net), I look through where you go. If you have been abusing my system then you get my warning that is also saved to a folder in my inbox. In any subsequent month if you are still a big hitter and your name is in the folder I copy the original with a note to your supervisor. If your supervisor doesn't fire you and you are still there next month I cut your internet and email and let you explain to your boss why you can't do your work...... They generally are fired at that point....

    All this reminds me...... Time to run those reports.....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  4. #24
    Senior Member
    Join Date
    Jan 2003
    Posts
    274
    Originally posted here by Tiger Shark
    I also have one advantage over many here. If I say "this should be so" my management buy in right away and if the users whine too much they respond with "Talk to Tiger Shark". You'd be surprised how few direct complaints I get..... (heh, maybe I should start calling myself Tiger Shark here, it might divert those last few whines..... )

    Ha!

    I have the same advantage. Although I am a very nice guy, and genuinely try to help people, I am also a 6'2", 205 lb, heavily tattooed ex-Special Operations soldier who has the evil glare thing down to a science. Neither users nor my team ever complain to me about my decisions directly.

  5. #25
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    I am also a 6'2", 205 lb, heavily tattooed ex-Special Operations soldier who has the evil glare thing down to a science.
    Other than the size and the tattoos we share similar characteristics....

    It's a definite advantage..... I was also once asked "Where do you work, Building Maintenance?". I replied "Yes"...... I love it when people underestimate me..... They expect the IT staff to be a bunch of pencil necked geeks..... Comes as a bit of a shock when I walk into their orientation......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  6. #26
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    Thus when we put a policy in place we have to be able to show that we apply it across the board with the same consequences to all
    *cough* except for us IT higher ups *cough* Is it fair?
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

  7. #27
    Some Assembly Required ShagDevil's Avatar
    Join Date
    Nov 2002
    Location
    New Jersey
    Posts
    718
    I'd like to take a slightly different angle and dig a little deeper into the user mentality. Using my own experiences and a few quotes from Office Space (which I believe is one of the greatest movies to portray the typical office worker mentality), I think can I better explain why people defy rules and surf during work hours irregardless of warnings.
    it's a problem of motivation. If I work my ass out, I don't see an extra dime!
    self-explanitory and very true. I've felt this way very often at my old job and found myself thinking "f**k the boss, I'm ahead of my work and I'm going to relax and enjoy some chat".
    Ambition is not necessarily good and mediocrity is not necessarily bad
    I was always told, good work will be promptly punished with more work. I'll be damned if that isn't the god aweful truth. When I was a programmer, I used to allocate my time wisely. I would generally get ahead on all my projects, and leave around 1-2 hours to jerk around towards the afternoon. Here's the key, I never let my boss know just how far ahead of my work schedule that I was. This lead him to believe I was just competent enough to do the work on schedule and left me all kinds of time to email my buddies, play online games and chat.
    That's my only real motivation is not to be hassled, that and the fear of losing my job. But you know, Bob, that will only make someone work just hard enough not to get fired
    I used to feel, if I did enough work (to be on or ahead of schedule), I deserved some down time to relax and goof off. The more I was pressured into working, the less likely I was to do anything even remotely productive. The more threatened I felt, the more rebellious I became. I knew nothing at the time about computer security (as do most typical users) and could care less about spyware/trojans/viruses, etc. In my mind, that was the admins job...to protect the system (after all, that's what he was getting paid to do). So what is a little surfing going to hurt?, I thought. If they came after me, I felt they were being anal retentive *****s and didn't appreciate any work that I did do.
    Yeah, I just stare at my desk, but it looks like I'm working. I do that for probably another hour after lunch too, I'd say in a given week I probably only do about fifteen minutes of real, actual, work
    Some days, there was just barely enough work to keep a lemming occupied let alone an entire staff of workers. And what to do? surf the internet! of course. This made sense to me and besides, there's nothing to do anyways, I thought.

    This was during my early 20's. I'm now almost 30 and all the wiser to computer security. All those things my admin used to tell me back then, actually *make* sense now...almost 10 years later. Ironically enough, I'm thatguy now...the guy whose supposed to take care of the network, that's what I'm paid for, right? Funny thing is, if I met myself now, when I was 21-22 years old, I would have told me to f**k off and stop being such a tightwad about surfing the internet.
    All I'm trying to do is offer a different perspective on maybe why some people disregard warnings and policies even at the expense of their own jobs. I've been on both ends of the stick. The idiot user and now the pain in the ass admin(only part-time thank god ). Maybe the solution would be better incentives to work? bonuses for completing projects early? I don't know. I think the problems crosses many boundries, from users, to admins, to the how the company is ran, etc. Maybe coming down on users with policies and strict rules works, but could there be better ways of handling this issue from a non-techincal viewpoint?
    The object of war is not to die for your country but to make the other bastard die for his - George Patton

  8. #28
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883
    Character is the measure of what you do when no one is looking. Unfortunately, there isn't much character left these days. We use technical methods where appropriate, however, we also use psychological methods as well.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  9. #29
    Senior Member
    Join Date
    Feb 2003
    Posts
    105
    I would compare your job, thehorse, to law enforcement. If I went out and robbed a store why should the police be accountable. The police are there to monitor and reduce the likelihood of crime.

  10. #30
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752
    Originally posted here by strandedthinker
    I would compare your job, thehorse, to law enforcement. If I went out and robbed a store why should the police be accountable. The police are there to monitor and reduce the likelihood of crime.
    Thats being reactive though. Kind of locking the gate after the horse got out (no pun intended Horsie )
    An admins job and the secrurity gurus job is to be proactive and lock the gate before the horse can escape.
    By locking down the system and enforcing the AUP's the admin is trying to limit the liability to the system and prevent intrusion by adware/maleware, and the bad guys. Even though it is nice to be able to put a bad guy in jail. his job is to stop him before he can even commit the crime.
    \"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
    Author Unknown

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides