Ok, the bottom line is: i prefer implemented and working security policy over
"ideal" one that is being constantly violated. And - accessing external email server
with proper content inspection in place implements exactly the same filtering policy
local server does, so i doubt the risk is higher, and it brings a feature to separate
corporate email from personal, which is often useful.

Non-performance issues. Hah! You really do think someone will work more efficient
if you just prohibit him from spending work time on non-business issues? I say plain NO.
Any decent book on managing IT projects states it works exactly reverse.

On Tue, Feb 22, 2005 at 09:23:58AM -0500, Paul D. Robertson wrote:
>
> > P.S
> >
> > Yes, sure i've seen many companies where people are not allowed to use external
> > mail servers. Almost 100% of them just forced people to use business addresses for
> > personal communications this way (although that was not formally allowed) and i
> > do not think this makes any difference.

>
> Then you've likely never had to deal with hostile workplace lawsuits,
> employee termination for non-performance issues, privacy issues during an
> investigation of malice, or a host of other things where the systems
> belonging to the employer make the security administrator's job
> significantly easier. Also, note that for most workplaces, the AUP takes
> away privacy protections on the network- suddenly opening your personal
> communications to increased scrutiny and decreased legal protections.



_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/li...rewall-wizards