On The Uselessness Of Blocking Social Networks At Work

from the did-you-block-the-telephone? dept

When this new-fangled invention called “the telephone” first became popular, there were some offices that refused to allow them on office workers’ desks, for fear that they would be a waste of time and a distraction that took away from work. I sort of feel the same way when I hear about companies banning Facebook or Twitter, these days. As we’ve said before, it’s obvious that there are people who abuse such tools, and you deal with that by recognizing that they’re not being productive and either telling them to shape up or firing them. Blocking a very useful communications tool just because some people might abuse it doesn’t seem particularly smart. And yet… it’s happening more and more. Yet another study shows how common it is for IT staff to block access to such sites.

However, an article at The Globe & Mail points out how silly this is. The people who are really obsessed with using such sites will simply find ways around such blocks, whether its via some sort of proxy site — or just by accessing the sites via a smartphone, outside the control of the corporate IT staff. On top of that — especially with younger staff — it sets up a workplace where management says, right upfront: we don’t trust you. Why not hire more trustworthy staff and deal individually with those who abuse the system, rather than putting forth an outright ban that throws out the potential good uses along with the misuses?

Filed Under: ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “On The Uselessness Of Blocking Social Networks At Work”

Subscribe: RSS Leave a comment
AC's long lost brother says:

Re: I disagree

That may be true for some companies, but not mine. There is absolutely no regulatory reason for my IT pri..um Naz…um admins to block webmail and social networking sites. The management here pretty much feels that we’re all not trustworthy.. I’m actually a bit surprised that I can go to blogging sites like this one…

:Lobo Santo (profile) says:

Re: Re: I disagree

It is changeable… just gotta be patient (and cunning… like a trap-door spider). Recently I got my company to un-block Twitter and Facebook. How, you ask? By making accounts in my company’s name on Twitter and Facebook and handing the login & passwords over to my boss. So he had the IT guys unblock those sites; not just for him, but for everybody (what’s the point of changing something if you can’t get your coworkers (et al) to view and opine upon it?)

James (profile) says:

Re: I disagree

Amen brother. We have PCI and other stuff to deal with where I work. If they “find a way around” my filters, we can fire them for circumvention of security systems. As far aas trust goes. When you give your manager a key to your house and he gives you one to his, then there is trust. I don not think that any of the millions of people with card numbers in our system want us to “trust” our employees with their data by giving them the ability to get it out of our facility in bulk.

Dark Helmet (profile) says:

Sounds like I'm repeating myself...

…from yesterday w/the whole Danger Sidekick thing, but this REALLY shouldn’t be difficult for most IT staffs to sort through.

Some divisions in a company NEED access to social networking sites (media relations, marketing, etc.), some have the pull to be ALLOWED access to them (C-Level folks, the girl banging the Chairman of the Board, etc.), and some have no need for it (assistants, secretaries, security, etc.).

Most modern content filtering appliances (probably software too, though I’m less familiar w/them) have the ability to integrate with grouping software like Active Directory. So you assign different policies to different groups and allow people to go about their day. Hell, with what we use internally, you can allow groups access to different sites and/or heuristic categories at different times. Want to reward your lower staff for being productive? Allow them access to Facebook/Myspace/Fantasy Sports/ESPN/Etc. on ther lunch hour.

For any decent infrastructure, this stuff ain’t difficult…

Dark Helmet (profile) says:

Re: Re: Sounds like I'm repeating myself...

“That’s still missing the point. You don’t need to structure/filter access to different groups of people if they’re getting their jobs done.”

That may be true, but the reality of today’s marketplace is that you have a rather large number of what business management professors will call an “immature workforce”. I’m just not sure this idea that “well, you just hirer better people” is realistic. Every company is going to have some really good performers, a great deal of mid-level producers, and its small share of bad apples. You don’t put the policies and filtering structures in place fo the bad apples. Those people should be fired. You put them in place for the mid-range folks.

It’s the same theory about locks on homes/cars: if someone REALLY wants to break in, you really aren’t going to stop them. Locks don’t keep out thieves and criminals. Locks keep honest people honest.

Derek Reed says:

Re: Re: Re: Sounds like I'm repeating myself...

I really like the “Locks keep honest people honest” idea there. And I agree 100% if we’re talking about a lock on a house door, or blocking porn at work.

But if we’re talking about a lock on a door to a copy room, or blocking a site with any potential for positive use, I diverge. I think the gap in how that applies to this blocking of sites thing is that there are at least *some* legitimate uses (or at least uses that have negligible negative impact) even for low level employees to get past that lock, and so that lock becomes something that turns an honest person dishonest.

Designerfx (profile) says:

blame the bad egg

every workplace has a share of incredibly stupid (and vulnerable to false advertising) individuals. Usually a workplace doesn’t find it a smart idea to make sure people are intelligently educated on what to look out for on the internet.

Example: I sent my workplace the phishing test from sonicwall from what, 5 years ago? Lots of people called me up afterwards since my name was on it, and had no idea/easily fell for it.

People aren’t just uneducated about the issue, management doesn’t want to deal with it either.

Johnny C. Lately says:

Not convinced

Sorry. I may just be a GHOF (grey haired old fart), but I have yet to be convinced of the usefulness of TwittPageBook sites period, let alone when somebody is actually paying you to do something besides scan your page for updates. For every one person, like Zenith, who has used them to their advantage, there must be 100,000 who just post to say “I’m at my desk.”, “Now I’m not”, “I’m bored”, “I had ham/swiss on rye, but, OMG!, NO MUSTARD.”

DanPhilpott (profile) says:

Security & Social Media

There are often good security reasons to block access to social media sites. SecBarbie indicated a good one, maintaining regulatory compliance. Others include information leakage, risks associated with site applications, phishing/spear phishing, web application attacks and use as a vector for malware transmission.

All that said a kneejerk response to block social media is not called for. Social media is a valid and valuable resource and communications method. What organizations need to do is consider the risks and benefits from use and make decisions that minimize the risk while maximizing the benefit. For example, companies may want to manage social media access if they are under some regulatory obligation to not communicate certain information (e.g., quiet period during IPO, SOX compliance, etc.). The management may result in restriction, monitoring or recording. Another risk based decision might be to manage access to social media sites based on their potential for abuse. An example of this would be blocking access to Facebook where the application platform presents some serious risks while allowing access to Twitter where the risks are more manageable.

EH says:

Re: Re: Unblocking social networks

“…sometimes you have to do things you don’t want to do.”

No… no you don’t. Seriously, it’s a matter of choice (and compromise). Always has been.

OK, if the people who work at my company do not want to go to jail and/or get massive fines, they have to block social networking sites.

Sure, I could make a choice to break the law, and compromise with respect to the amount of freedom and surprise buttsecks I would like to have, but it doesn’t seem like much of a choice from where I’m sitting.

EH says:

Re: Re: Re:2 Unblocking social networks

Where do you work, and why is buttsecks the punishment for Facebook??!!

There are many companies that are under a variety of regulations concerning external communications. And it’s not so much that buttsecks is the punishment for Facebook, but you could certainly go to jail for breaking the law.

Dark Helmet (profile) says:

Re: Re: Re:3 Unblocking social networks

“There are many companies that are under a variety of regulations concerning external communications.”

Absolutely, like the CIA, NSA, defense contractors, government offices, etc.

However, if you have people on your payroll that are twittering, “OMG! U should see the new schematics for this bunker buster bomb that came across my desk! It’s going rip the FACES off of arab kids!”, then I think the organization might have deeper underlying issues…

Hamish says:

Re: Re: Re:3 Unblocking social networks

EH, can you please tell me what sector you are in. I am very interested to know what sort of company is fined or people are jailed if they use face book. What kind of law are you referring to?

As i understand it, if you are not in the MOD or have another really sensitive job like that which promotes secrecy and has little transparency, there is no law which can levy a fine against a company. If you know this because it just something someone told you, i think they are pulling your leg.

I don’t agree with what you are saying that “nobody wants it blocked” in your company. if that was the case, it wouldn’t be blocked. Someone wants it blocked and they have a reason, whether it is a logical reason or not.

Facebook is a socialising tool which can be manipulated to work as a business communication tool. I think if Facebook was modified so you could switch it between business mode and social mode, where business mode would have many extra business tools and functions, i think this would be more accepted.

be_free says:

opendns.com blocks it pretty thoroughly, proxies and all. i largely agree however, but in the end it comes down to what type of users you’re dealing with.

savvy users can use it for true networking, an extension of their irl network, but I’ve seen too many a minimum wage easily distracted people do quiz after quiz on facebook, and chat with Johnny from the club using Yahoo messenger to agree fully (not to talk about all the crap these type of non-savvy users tend to install – toolbar after toolbar).

after blocking access these people actually picked up the phone when it rang, and focused more on their tasks at hand which made both their managers happier, and myself as an IT admin.

other than that I’m actually an advocate for local admin rights and freedom under responsibility, but in this particular case one size does not fit all in my experience.

Newbelius says:

It's not always IT's fault

I’m an IT manager and I have always felt it should not be my job to ensure that users are doing what the company pays them to do. Our previous CEO was very much a technophobe. He hated IT and what it represented, though I’m not sure what he thought it represented. He once put out an edict that no one was to use email during regular business hours, nor were meetings to be scheduled for business hours.

IT was run pretty much as a problem child. Kept in the dark and only fed enough to survive. Then I came along. We managed to increase budgets for such luxuries as anti-virus, anti-malware, anti-spam. Prior to this, things were protected using the crossed-fingers method of safe computing.

One item that we put in place was website filtering. At first, I set it so that only malicious sites, porn, gambling and the like were filtered. After all, its the manager’s job to determine if employees are productive, not mine. I was told buy my bosses to increase filtering, after all, people shouldn’t be able to get to their home email, news, blogs or other such “superfluous” sites.

And then it started. People started talking about how IT stops them from doing their jobs by blocking valid sites. I had our marketing manager say that he should not be blocked from ANY site because we could be blocking potential customers or business. Considering that online porn sites NEVER use our products, I don’t think that particular argument is quite valid.

From the beginning, I told people that I don’t determine what to block, so if something is blocked that they need access to, let me know. If they tell me to open up an online casino, they’ll have to get managerial approval, as it is management who should determine if the request has merit, not me. If the site is clearly benign or is a valid potential business partner (client, investor, employee, supplier, etc), then sure!

With this said, I have known IT people throughout my career that would treat the Internet as their baby and stop any use they deem improper. Some have even done so with such relish that I wonder if they missed their calling as a dominatrix. But I’ve also come across many that take a very “ya, whatever” approach to site filtering. They don’t really care where the user goes as long as they don’t cause disruption of the environment.

I really don’t care what the users do as long as they don’t introduce malware and such to our network. It’s disruptive to them and the rest of the company. Additionally, people need to do their jobs. It’s unfair for one person in a department to have to cover for those that wish to chat all day long.

But, it’s not my job to manage it. I manage my own staff. If work doesn’t get done, then I have a problem. If work is getting done, then I say let them blow off a little steam during the lulls. They earned it.

Please don’t be so quick to judge the IT folk. Some of us are people too.

Anonymous Coward says:

Comparing facebook to a telephone is a laughable concept.

The telephone has many uses for business. I think that the reality is that most employees talking on the phone are talking business. They may make a few personal calls, but for the most part it is business.

Facebook? Twitter? There isn’t much business getting done there.

It’s a weak comparision to try to create more socialistic “free the people” sympathy here.

NT says:

Not convinced either

The social networking sites are good for certain companies, others they are extremely unproductive and have nothing to do with their job functions. There are good reasons to block from lost productivity, to identity theft, to viruses. Like Johnny Lately said that for every 1 person that is actually helping a company with it, there are 100,000 that are taking away from the company by posting nonsense. I think that if your company is blocking the site, they probably have good reason, and you are probably one of the people that are using it for non-productive uses.

Michial Thompson (user link) says:

I'm a firm believer

Until the past couple of years I would have agreed that controlling access to the internet should be a procedural, and not forced upon people. I used to feel that it was important for IT NOT to interfere in peoples access.

The past couple of years I have been more in a position to manage large numbers of PCs across a wide majority of the united states where every site had their own procedural policies. What I have seen is that the sites where access was controled through procedures while allow full open access to all the machines are the most time consuming in maintenance. I spend probably 70% of my IT/Machine maintenance actually removing spyware and viruses etc… The sites that block access is sub 10% of my time…

In my customers cases there is no way of idenifying an individual who performed the tasks leading to the viruses, only a shift of people which means noone can be held accountable.

I tend to lean towards the use of OpenDNS which so far has been a good compromise.

As for the social networks, I rarely have to disable them, they aren’t really the cause of the problems.

Ridonkulous says:

When you have a staff of 30+ 20 something wet behind the ears sales reps whos job function is to be on the phone closing deals instead of Facebook surfing hawt chicks – you block it.

I agree that IF there is a need for the overall good of the company to allow access, you allow it.

Why should they be paid to sit and surf MySpacetwitterbook?

As an IT manager for 16 yrs, I can tell you more harm comes from it than good.

These are the same kids who hit us up to remove the spyware they infected themselves with at home.

Supes says:

I’m a security admin for a large company and I block these sites, not for productivity, but for security concerns. While it’s easy to instruct our users to not click on links they don’t know or to not use every app that is thrown their way, it’s not often heeded and poses a large risk to our environment; even with all the preventative measures that we do have in place. Most do not complain about this policy and take it in stride. If they want to access these sites through their smartphones (I know I do), more power to them. Plain and simple, social networking sites are major targets for malicious software and exploits; it’s just not worth it.

Clueby4 says:

Blah blah blah

Keep trying to rationalize a “good” reason to unblock social network sites however the legal department will always have “hostile workplace” as a completely valid and practical justification to block the sites. Yea it’s lame but most laws are so what are you going to do.

I still find Zenith’s example weak at best, Facebook is the last place I go for tech help stackoverflow, hackernews, maybe even reddit.

fogbugzd (profile) says:

Luddites and Control Freaks

Corporate culture tends to promote Luddites and control freaks to the decision-making positions, even in IT. IT Luddites are only different from other Luddites because they accept the technology that was dominant when they started their careers; they only reject and fail to understand stuff like Twitter that has come along since then.

Dumb Helmet says:

I don’t block social networks, instead, I have a filtering algorithm toss each story into either a “Snark” category or a “Cool” category.

As an example, I have the algorithm automatically score and sort all Techdirt articles and comments for me. I’ve found it to be quite accurate. There’s only been one article in the past three weeks that was scored “cool”. It was an article that talked about the Blair Witch Project.

I’m fine-tuning a filter extension that removes comments from dumb, mistakenly US-relocated Germans in Chicago that like to see what they write (love to listen to them self talk, and probably also suffer from accute dementia) ultimately need to be deported.

Right now, this article scores a -12 on a scale of a -50 to +50. After it posts, I’ll re-scan it and let it follow the links (including this one) and let you know what it re-scores at.

Dark Helmet (profile) says:

Re: Re:

“I’m fine-tuning a filter extension that removes comments from dumb, mistakenly US-relocated Germans in Chicago that like to see what they write (love to listen to them self talk, and probably also suffer from accute dementia) ultimately need to be deported.”

No shit? In all seriousness, if you ever divised such a system to actively filter out and/or score what you don’t like, including new and “unknown users” who haven’t commented yet, I’d be seriously impressed.

Oh, and I agree completely with your description of me, well done, except that I didn’t relocate from Germany, I’m just of partial German heritage. But hey, maybe you could include some kind of recourse in your nifty little algorithm for you making shit up that I never said.


Dumb Helmet says:

Re: Re: Re:

Damn, since you just posted again, it scored back down at -17.

>> I’m just of partial German heritage.

Nice. But as you probably know, even greasy Spaniards have a special date of observation on the American Calendar. Maybe you’ll be that one to break through do something uber cool that will honor your heritage beyond the staples of sausages and sauerkraut.

Oh wait, it all suddenly makes sense why you’re in Chicago.

Dark Helmet (profile) says:

Re: Re: Re: Re:

“Damn, since you just posted again, it scored back down at -17.”

Sweet…how about now?

“But as you probably know, even greasy Spaniards have a special date of observation on the American Calendar.”

I’m liking you more and more due to your hateful nature. It’s like we’re kindred spirits….

“Maybe you’ll be that one to break through do something uber cool that will honor your heritage beyond the staples of sausages and sauerkraut.”

Mmmmm, sausages stapled to sauerkraut….

“Oh wait, it all suddenly makes sense why you’re in Chicago.”

Because of the sausages and sauerkraut? Hmm, I dunno, when it comes to sausages, we’ve got a pretty hefty Polish population here (most of any city in the world outside of Poland). But hell, I do enjoy encased meat AND sauerkraut, so maybe you’re right after all…

Dumb Helmet says:

Re: Re: Re:2 Re:

>> >> “Oh wait, it all suddenly makes sense why you’re in Chicago.”

>> Because of the sausages and sauerkraut? Hmm,
>> I dunno, when it comes to sausages… I do
>> enjoy encased meat AND sauerkraut, so maybe
>> you’re right after all.

Precisely. Dark Helmet may be a euphemism for “Sausage King of Chicago.”

blocker (profile) says:

Wrong, just plain wrong

A big problem is productivity, if someone is getting their job done, that is great, but that does not remove the liability of some stupid dope posting things from your company internet access that can lead to liable, or worse. I can understand wanting access to communicate to friends, but when you are at work, you should be working, not socializing and being an idiot. I have yet to see a valid use for facebook, twitter or any other social site. It is just plain silly and of no value.

NullOp says:

Social networks

Social networks should not be blocked by IT staff. However, monitoring should be in place to weed out the bad apples that abuse access. With clear company policies and enforcement of the policies there will be little trouble.

Of course you have to have managers that will enforce policy evenly and fairly. This means IT has to be in the business of tracking and staying up with usage. Its not fun, cool or pleasant but it needs to be done.

EH says:

Types of businesses

EH, can you please tell me what sector you are in. I am very interested to know what sort of company is fined or people are jailed if they use face book.

The financial sector. And it’s not “jailed if they use face book”, it is a whole set of requirements and regulations that include everything from phones to personal cell phones, to IM, and a host of other things.

And nobody at my company does want to block it. It is a pain in the ass to block it, and almost entirely useless, and everyone knows it. But we have to.

Anonymous Coward says:

talk about grossly oversimplifying an issue. Terrible commentary, IMO.

allow me first to proudly announce we do not block social networking sites. We as a company use Facebook/Twitter/Myspace etc as a marketing tool, so it’s part of our business.

that said, you’re oversimplifying how admins can and do block unapproved sites. If I block something here at work, you aren’t getting to it unless you use your cell phone. There is no “just use an outside proxy server.”

Second, you assume that blocking social networking sites is due to management not trusting their employees to work while they’re at work. While I would say it’s a large issue, it’s not the only, and there are spinoffs to having your trust betrayed. Consider the liability issue. What a person can do on their work computer can come back to bite you in court, especially if you’re found negilgent.

thirdly, you ask:
“Why not hire more trustworthy staff and deal individually with those who abuse the system, rather than putting forth an outright ban that throws out the potential good uses along with the misuses?”
the answer to that, for me, is simple. Like most companies running lean due to the economy, I just don’t have time or staff to babysit what you should and shouldn’t be doing at work. Most companies I know ban sites as a reaction to a visible problem, not a potential one. If a site got banned here, it was a corporate issue, not “a few bad apples.”

I get pretty upset when I start seeing people refer to the staff as “IT Nazi’s.” Most IT guys are backlogged as it is so we get pretty upset when Joe End User caused a problem because he couldn’t find the motivation to get some work done today.

I’m all for allowing people the opportunity to do some personal surfing at work, when done in reason. But on the other side of the coin, I’m being paid to work, not surf facebook to see who scored 700 points on Farmville.

Lunch break’s over… 🙂

Richard (profile) says:

Re: The bible says something on this too

Since my previous biblical reference proved popular I’ll try another one – relevant to the current topic:

“Thou shalt not muzzle the ox when he treadeth out the corn.”

Originally in Deuteronomy (25:4) quoted in 1 Corinthians 9:9 and in 1 Timothy 5:18.

Frankly this is a two way traffic – if I can’t do personal things at work then I won’t do work things at home – and guess who will lose the most.

The "Nice" IT Guy says:


Firstly, I am not a IT Nazi whatsoever. I personally used proxy servers to gain access to social networking sites at the last college I attended because there was no reason for it to be blocked in the facility. I always got my homework done and made good grades.

However in the facility where I am currently employed, such sites are intenetionally blocked for many reasons, a couple of which I will share. Firstly, before any such blocking software/hardware solution was implemented, my department had proof, (screenshots) that the majority of our employees were abusing the Internet system and causing serious bandwidth issues. I’m in the same boat as “Anonymous Coward.” “I’m all for allowing people the opportunity to do some personal surfing at work, when done in reason. But on the other side of the coin, I’m being paid to work, not surf facebook to see who scored 700 points on Farmville.” Sadly given the oppertunity to prove otherwise, very few of our employees will do this in reason. Not to mention the number of viruses that our new system has blocked from entering our network via ignorant end-users.

Kelly Monroe (user link) says:

Palo Alto Networks whitepaper To Block or Not. Is that the question?”

I’m a consultant working with Palo Alto Networks; they have an excellent whitepaper on the subject of blocking social networking apps that you may have to worry about, “To Block or Not. Is that the question?” here: http://bit.ly/d2NZRp. It has lots of insightful and useful information about identifying and controlling Enterprise 2.0 apps (Facebook, Twitter, Skype, etc.) Let me know what you think.

quicksilver (profile) says:

Whether an application is blocked or not, self-control comes from within

Ive been using http://bit.ly/bJwmma .
It uses a better procedure than blocking social media sites because it only monitors sites like Twitter during

production hours. People/Employees still have the option to use it for a breather or during breaks really .

Sometimes they use it for work too in helping reach decisions. For me its really unnecessary to block Twitter.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...