|
WHO’S MINDING THE SHOP?
Personal use of company internet access is getting out of hand.
By Esther Shein
During a normal workday, public-relations manager Lindsay Peroff generally visits the website of a Vancouver-based radio station and listens to music online. Christopher Bennett, a PR colleague at US junk-removal company 1-800-GOT-JUNK?, follows soccer on the web, often listening to digital broadcasts of games.
In fact, finding an employee these days who doesn’t access the internet for personal use during working hours is a bit like finding a lifeguard who doesn’t like getting wet. Most workers with PC access don’t see anything wrong with a little personal perusing at work. And like Peroff and Bennett, most work-time web surfers insist their productivity is not affected by the time they spend on such admittedly non-job-related pursuits.
Apparently, executives at 1-800-GOT-JUNK? disagree. In May, after finding that network traffic had increased dramatically during the previous two months, management deployed software that monitors network usage. “Our internet costs had skyrocketed, to the point where they said it was eating into our budget,” acknowledges Peroff. “The only thing they could think of was that a lot of people use their computers for personal music and radio.”
A lot of people do. The truth is, personal use of company T1 lines – once a swell little perk of the Digital Age – is getting out of hand. And productivity may be suffering because of it. In a recent survey of employees by internet-monitoring company Websense, 93% of respondents said they spend at least some time accessing the web at work. Of the group who told Websense they use company internet access for non-job-related reasons, more than 60% said they send personal email. More troubling for employers, well over half of the respondents told Websense they conduct personal transactions on the web – things like banking, booking trips, and shopping.
Web Junkies
Experts warn that those kinds of activities leave a corporate network wide open to malicious code. Moreover, any slanderous or defaming sentiment sent by an employee over a company’s email system or via instant messaging could put an entire company at risk. In the mid-1990s, for example, Chevron paid US$2.2m to settle a sexual-harassment suit stemming from inappropriate jokes being sent by employees over company email.
A number of vendors – including SpyTech, Websense, and eBlaster – offer software that helps companies monitor their employees’ web activity. Some applications filter email, others block workers from going to unauthorized websites.
1-800-GOT-JUNK? installed two open-source Unix-based products, called MRTG and CACTI. The applications, says the company’s former network administrator, Marvin Heyboer, monitor all inbound and outbound network traffic. “Once the word was out that I was monitoring computers,” he recalls, “people who had been listening to online music stopped.”
Critics of such monitoring – and there are plenty – say tracking the internet activity of employees smacks of Big Brother. They also claim that workers who are forced off the web may simply turn to different technologies to entertain themselves. “We’re allowed to bring our iPods, so everyone just listens to that now,” says Peroff.
Employees at 1-800-GOT-JUNK? don’t seem bitter over the company’s cutting the cord. “We stopped, and it wasn’t a real issue,” says Peroff. Besides, she notes, “we have profit sharing, so every little expense is monitored.” 
Esther Shein is a contributor to CFO in the us .
Virtualization
TWO-FACED DESK-TOP
By Elaine Appleton Grant
CFOs with a few miles on them no doubt remember the days of fretting about computing standards. The big questions for finance chiefs were: Macs or PCs? Unix or OS/2? Thin client or fat client?
For most purchasers of corporate computers, those weighty decisions largely disappeared with the ascent of Windows, Microsoft’s now ubiquitous operating system. But in truth, the earlier question about desktop standards was never properly settled. An ideal solution would have been to offer users choices, rather than forcing them to pick one OS over another. In a perfect IT world, Apple’s System 7 and Windows NT would have coexisted on the same machine.
Years later, that perfect world may be arriving. Intel plans to release a new chip set (called IVT) by the end of the year that embeds so-called virtualization technology into a PC. Rival AMD will follow with its own virtualized chip set, dubbed Pacifica, in 2006. The idea: create servers and desktop PCs that run multiple operating systems (or more precisely, two or more virtual computers within one computer, hence virtualization). With such a machine, business users will be able to run Outlook and StarOffice, MySQL, and DB2 – all on the same desktop.
A recent report at IT research firm Gartner called virtualization “the most disruptive technology the PC has faced in a decade.” For corporate users, the uncoupling of hardware from software promises sizable benefits. Virtualization will enable IT administrators to create secure corporate “images” (or application environments) for users to employ. A controller, for example, could work on a secure version of Excel while also searching the internet – without fear that a virus might infect the application or its associated files.
Maximize what you’ve got
But that’s not the best part. Experts say virtualization will finally enable businesses to max out their investments in processing hardware. How? Currently, companies purchase servers to host a single application, which means they often get stuck with more processing power than they need. Forrester Research analyst Simon Yates estimates that businesses generally end up using somewhere between 8% and 20% of the server capacity they have purchased. With virtualized hardware, however, businesses will be able to put those unused horses to work.
Companies can achieve some of these benefits now via software virtualization. Such applications have been around for at least ten years and are very popular among the slide-rule set (the leading program, ACE, comes from US-based VMware). Jeffrey Zalusky, founding partner of Chrysalis, an IT risk-management and compliance consulting firm in the US, uses VMware to help him test security software. Zalusky has configured multiple virtual machines as an offensive environment that attacks a virtual “victim” machine. All this thrusting and parrying actually occurs on one computer.
Other companies are using the software to create de facto firewalls. Eric Beasley, senior network administrator at Baker Hill, a US technology company, recently purchased a 50-user license for ACE, at about US$110 per user. Beasley uses the program to set up guest operating systems within notebook computers. A guest OS on the machine hosts customer data, and both the data and operating system are encrypted.
Thus, an employee is free to use a laptop to perform office tasks and access the internet – without exposing the vulnerable data in the virtual machine. Says Beasley: “Many people are coming into the realization that perimeter defense – traditional firewalls – are not going to be enough.”
Software virtualization will not be enough, either. While useful, the apps tend to slow system performance – up to 30%, Beasley reckons. Virtualized hardware does not suffer from similar speed problems.
The technology will be a bit laggardly getting here, however. While Intel is slated to ship its IVT chip set before year’s end, Microsoft isn’t expected to fully support hardware virtualization until 2008. And Beasley said first-generation machines will likely come with kinks. “If I were a CFO,” he advises, “I’d wait for the second generation of systems.”
Hey, they’ve waited this long.
Elaine Appleton Grant is a technology writer in the US. |
