When it comes to government workers misbehaving online, Bill Schrier has plenty of horror stories. Seattle's chief technology officer has seen city employees use work computers to visit Internet dating sites and city e-mail addresses to shop on Craigslist. Workers have downloaded "images of half-clothed people on the computer screen, scandalizing co-workers." Typically, Schrier's staff wipes clean five city computers a month that have been "infected with malware from visiting non-business Web sites."
These and other realities of working in government give Schrier a more conservative view on Internet-use policies than mine. In my May column, I argued that stringent limits on online activity risk hampering creative thinking and best practices for e-government and discouraging the next generation of technology thinkers from government careers.
Much of the feedback I heard reinforced my view. A senior official from a county in Iowa, for instance, described how his jurisdiction's policy about Web use frequently blocks him from accessing work-related information, such as gas pipeline maps and audio from a local news radio station. The roadblock on the radio station was especially galling because it was linked to from the county's own Web site.
Technology administrators have good reason to use tools such as Websense to monitor employees' online activities, and even to block access to inappropriate content. But some policies go too far, imposing Internet restrictions that seem to have as much to do with public relations worries as they do with real security and productivity concerns.
Some dot-govers who contacted me agreed that clear and enforceable Internet-use policies, regular training and strong security software are better long-term remedies than cutting off access to information that has potential to improve how government does business. But just as many government tech leaders found my thinking naove and said I was understating the security threats and management challenges they face when it comes to employee Web trolling. One New York official said bluntly that I was just not "seeing the constant barrage of attacks on our network, all of which are coming from the Internet."
Writing in his blog on municipal technology issues (blog.chiefseattlegeek.com), Seattle's Schrier made clear he was in that camp. Many diligent, well-intentioned city employees just "can't help themselves from surfing or bidding on eBay or browsing MySpace for their friends," he wrote. Most of those workers earn enough to "buy a personal computer for home" and have the time "to indulge themselves in the cyberworld" there.
"Public employees are held to a higher standard than workers in any other industry," Schrier said. "When there's a disaster, private employers shut down and their employees go home. Public employees work 12-hour shifts for the duration of the emergency. Those same higher standards apply to use of city equipment and conduct at work, and the Internet content filters remind all of us of our duty to meet that standard." Filters also reduce the need to formally discipline workers for misusing city computers and "help keep honest people honest," Schrier said, comparing some of the online conduct to problems "with pin-up girls decorating cubicles" in earlier times. "Let's not bring them back with the Web and Internet."
Banning pin-ups on office walls makes sense to me -- as do reasonable limits on and policing of Internet use. But as I put it in a comment on Schrier's blog, blocking access to useful and appropriate online content just because there also is inappropriate content out there is the equivalent of banning the wall, not just the pin-up.
Schrier thought that analogy was flawed, too. "In the case of pin-up posters, what had to be regulated was not the walls nor the posters, but the behavior of employees who could not regulate themselves," he wrote back. "The same is true of Websense or other Internet monitoring/blocking software. We are not regulating the Internet itself (walls) or content (pin-up posters) but rather the behavior of employees who cannot regulate themselves."
Schrier's experience gives authority to the real-world insights on technology management on his blog. You should take a look -- assuming you can access blogs from your work computer.
You may use or reference this story with attribution and a link to
Data-Driven GRC represents a consolidation of methodologies that enhance opportunity to address emer ...
Today more than ever, organizations must address wage and hour challenges to avoid potential financi ...
Read this Special Report to learn about the best practices and most noteworthy solutions currently o ...
The call for lowering large labor costs while increasing visibility into public spending can no long ...