Strict Web Filtering - Good Security or Cause for Lynch Mob?
-
@thanksajdotcom said:
People should be judged by the results they deliver, not how they obtain said results. If I can do my job in 6 hours a day to a very high standard, and it takes someone else the full 8, why should I have to be "working" the other 2?
Absolutely.
I like to think of human resources in a similar way to IT resources. You would never want to run your servers at 100% capacity all the time. If you looked at your servers right now and they were running over 50% you would be worried, right? So why expect human resources to run at 100% capacity all the time. This is where companies end up with a situation where during quiet times they are running at 100%, and during busy times they can't cope and end up letting down customers.
This is an area of interest to me, because I'm putting in a new ERP system that will increase productivity and as company we need to know how we will handle that. I'm a fan of Lean Manufacturing and Goldratt's Theory of Constraints, which generally apply to manufacturing, but can also be applied to backoffice administration. If you have a machine in your factory that can produce 10 grommets an hour but during a quite period you can only sell 5 grommets an hour, what do you do? Traditionally, the production manager will run the machine at full capacity and over-produce. Inventory will build up, and the company will lose money. This is because the production manager is judged on his efficiency, and will be punished if he only runs his machine at 50% efficiency, even if that is the best thing to do for the company. Over-production is the enemy of manufacturing.
Now apply those principles to the back office. A back office worker is generally involved in the production of spreadsheets. You can divide those spreadsheets into productive ones, ie ones that add value to the company, and non-productive ones, ie ones that add no-value to the company and are only produced so that the worker can appear busy.
The lazy Facebooker will generally only produce productive spreadsheets. He knows what is important, but once he has done that he'll slack off and go on Facebook. The conscientious worker will always find new spreadsheets to create.
In the same way that over-production in the factory actually costs money, in terms of the cost of storing and managing excess inventory, so over-production in the back-office will cost money, in terms of the cost of storing and managing excess spreadsheets. So if you're going to fire someone, fire the conscientious worker and keep the lazy Facebooker.
Google General Kurt von Hammerstein-Equord for more info on how he divided his officers and why lazy workers can be better.
The counter argument to this is that a grommet machine can only make grommets, whereas a human can do an endless array of tasks. And this is a fair point. So for example, during quiet times, Acocunts staff can phone customers and chase debt, which is always productive. But the trick here is ensuring that any extra tasks you assign to your back-office staff are actually productive. They have to add to the company's bottom line, otherwise they are bullshit tasks that add no value. Setting in a place a structure to recognise the difference between productive and non-productive tasks is the key to maximising profit. But if you can't do that, you may as well let people go on Facebook for all the good it will do you.
-
@Carnival-Boy said:
@thanksajdotcom said:
People should be judged by the results they deliver, not how they obtain said results. If I can do my job in 6 hours a day to a very high standard, and it takes someone else the full 8, why should I have to be "working" the other 2?
Absolutely.
I like to think of human resources in a similar way to IT resources. You would never want to run your servers at 100% capacity all the time. If you looked at your servers right now and they were running over 50% you would be worried, right? So why expect human resources to run at 100% capacity all the time. This is where companies end up with a situation where during quiet times they are running at 100%, and during busy times they can't cope and end up letting down customers.
This is an area of interest to me, because I'm putting in a new ERP system that will increase productivity and as company we need to know how we will handle that. I'm a fan of Lean Manufacturing and Goldratt's Theory of Constraints, which generally apply to manufacturing, but can also be applied to backoffice administration. If you have a machine in your factory that can produce 10 grommets an hour but during a quite period you can only sell 5 grommets an hour, what do you do? Traditionally, the production manager will run the machine at full capacity and over-produce. Inventory will build up, and the company will lose money. This is because the production manager is judged on his efficiency, and will be punished if he only runs his machine at 50% efficiency, even if that is the best thing to do for the company. Over-production is the enemy of manufacturing.
Now apply those principles to the back office. A back office worker is generally involved in the production of spreadsheets. You can divide those spreadsheets into productive ones, ie ones that add value to the company, and non-productive ones, ie ones that add no-value to the company and are only produced so that the worker can appear busy.
The lazy Facebooker will generally only produce productive spreadsheets. He knows what is important, but once he has done that he'll slack off and go on Facebook. The conscientious worker will always find new spreadsheets to create.
In the same way that over-production in the factory actually costs money, in terms of the cost of storing and managing excess inventory, so over-production in the back-office will cost money, in terms of the cost of storing and managing excess spreadsheets. So if you're going to fire someone, fire the conscientious worker and keep the lazy Facebooker.
Google General Kurt von Hammerstein-Equord for more info on how he divided his officers and why lazy workers can be better.
The counter argument to this is that a grommet machine can only make grommets, whereas a human can do an endless array of tasks. And this is a fair point. So for example, during quiet times, Acocunts staff can phone customers and chase debt, which is always productive. But the trick here is ensuring that any extra tasks you assign to your back-office staff are actually productive. They have to add to the company's bottom line, otherwise they are bullshit tasks that add no value. Setting in a place a structure to recognise the difference between productive and non-productive tasks is the key to maximising profit. But if you can't do that, you may as well let people go on Facebook for all the good it will do you.
This is an excellent analogy. Machines pushed too hard burn out and lose productivity. Management is really about knowing how to best utilize your employees and what each individual brings to the table. Everyone has different strengths and weaknesses. Learning how different people complement and offset each other is crucial for an HR dept to be successful.
-
This is a rather hard one for me... If I was the boss/owner... what would I want?
It really boils down to the type of workers you have and the environment.
That said, some freedoms to check the personal life a bit are OK.
The only filtering we do is on violence, guns and drugs. I also kill streaming services as they have killed our 10 meg pipe many times not allowing us to use our online EHR.
-
@Dashrender said:
This is a rather hard one for me... If I was the boss/owner... what would I want?
It really boils down to the type of workers you have and the environment.
That said, some freedoms to check the personal life a bit are OK.
The only filtering we do is on violence, guns and drugs. I also kill streaming services as they have killed our 10 meg pipe many times not allowing us to use our online EHR.
Yup, and that's really the only reason to kill those. A 10Mb pipe is pretty small for an office if it has more than 5-10 people. If you've got decent bandwidth, I'd prefer just throttling personally, but I can always stream Plex from home to either my PC or my phone if I must.
-
Not that that uses any less bandwidth...lol
-
@thanksajdotcom said:
@Dashrender said:
This is a rather hard one for me... If I was the boss/owner... what would I want?
It really boils down to the type of workers you have and the environment.
That said, some freedoms to check the personal life a bit are OK.
The only filtering we do is on violence, guns and drugs. I also kill streaming services as they have killed our 10 meg pipe many times not allowing us to use our online EHR.
Yup, and that's really the only reason to kill those. A 10Mb pipe is pretty small for an office if it has more than 5-10 people. If you've got decent bandwidth, I'd prefer just throttling personally, but I can always stream Plex from home to either my PC or my phone if I must.
So having 10Mb/s connection to a 60 person office isn't that great? Haha, just kidding it is terrible.
-
@coliver said:
@thanksajdotcom said:
@Dashrender said:
This is a rather hard one for me... If I was the boss/owner... what would I want?
It really boils down to the type of workers you have and the environment.
That said, some freedoms to check the personal life a bit are OK.
The only filtering we do is on violence, guns and drugs. I also kill streaming services as they have killed our 10 meg pipe many times not allowing us to use our online EHR.
Yup, and that's really the only reason to kill those. A 10Mb pipe is pretty small for an office if it has more than 5-10 people. If you've got decent bandwidth, I'd prefer just throttling personally, but I can always stream Plex from home to either my PC or my phone if I must.
So having 10Mb/s connection to a 60 person office isn't that great? Haha, just kidding it is terrible.
This is exactly what we have. We have a fiber connection for $880/month for that 10 Mb. I would consider moving to normal Cable Modem services, but last year they had nearly 3 days out weekday outages (no idea on weekend outages). Now while from a money earned perspective we might have saved money (i.e. the losses from those 3 days vs the cost of the fiber for a year), but from a frustration level of the doctors I'm sure they consider it a worthwhile expense.
Going to 20 megs will be another $200.
I've asked about bringing in a cable modem for additional throughput, we could get something like 75/10 for around $150 a month, but I was denied.
-
@Dashrender said:
@coliver said:
@thanksajdotcom said:
@Dashrender said:
This is a rather hard one for me... If I was the boss/owner... what would I want?
It really boils down to the type of workers you have and the environment.
That said, some freedoms to check the personal life a bit are OK.
The only filtering we do is on violence, guns and drugs. I also kill streaming services as they have killed our 10 meg pipe many times not allowing us to use our online EHR.
Yup, and that's really the only reason to kill those. A 10Mb pipe is pretty small for an office if it has more than 5-10 people. If you've got decent bandwidth, I'd prefer just throttling personally, but I can always stream Plex from home to either my PC or my phone if I must.
So having 10Mb/s connection to a 60 person office isn't that great? Haha, just kidding it is terrible.
This is exactly what we have. We have a fiber connection for $880/month for that 10 GB. I would consider moving to normal Cable Modem services, but last year they had nearly 3 days out weekday outages (no idea on weekend outages). Now while from a money earned perspective we might have saved money (i.e. the losses from those 3 days vs the cost of the fiber for a year), but from a frustration level of the doctors I'm sure they consider it a worthwhile expense.
Going to 20 megs will be another $200.
I've asked about bringing in a cable modem for additional throughput, we could get something like 75/10 for around $150 a month, but I was denied.
$880 for 10GB/s or 10MB/s? Around here we don't have that option, we have our local ISP and TWC, TWC wants us to pay 20,000$ for the line to our office and sign a 10 year contract... so we are left with one option.
-
@coliver said:
@Dashrender said:
@coliver said:
@thanksajdotcom said:
@Dashrender said:
This is a rather hard one for me... If I was the boss/owner... what would I want?
It really boils down to the type of workers you have and the environment.
That said, some freedoms to check the personal life a bit are OK.
The only filtering we do is on violence, guns and drugs. I also kill streaming services as they have killed our 10 meg pipe many times not allowing us to use our online EHR.
Yup, and that's really the only reason to kill those. A 10Mb pipe is pretty small for an office if it has more than 5-10 people. If you've got decent bandwidth, I'd prefer just throttling personally, but I can always stream Plex from home to either my PC or my phone if I must.
So having 10Mb/s connection to a 60 person office isn't that great? Haha, just kidding it is terrible.
This is exactly what we have. We have a fiber connection for $880/month for that 10 GB. I would consider moving to normal Cable Modem services, but last year they had nearly 3 days out weekday outages (no idea on weekend outages). Now while from a money earned perspective we might have saved money (i.e. the losses from those 3 days vs the cost of the fiber for a year), but from a frustration level of the doctors I'm sure they consider it a worthwhile expense.
Going to 20 megs will be another $200.
I've asked about bringing in a cable modem for additional throughput, we could get something like 75/10 for around $150 a month, but I was denied.
$880 for 10GB/s or 10MB/s? Around here we don't have that option, we have our local ISP and TWC, TWC wants us to pay 20,000$ for the line to our office and sign a 10 year contract... so we are left with one option.
My mistake.. it's 10 Mb/s.
I corrected my post.
-
We have 10mb here for around 60 users. I think that's fairly normal in the UK. We pay pretty much exactly the same as you Dash. I don't find it terrible. I will upgrading to 50 or 100mb later this year, which will cost about double but which we will need when we transition from on premise Exchange to O365.
-
@Dashrender said:
@coliver said:
@thanksajdotcom said:
@Dashrender said:
This is a rather hard one for me... If I was the boss/owner... what would I want?
It really boils down to the type of workers you have and the environment.
That said, some freedoms to check the personal life a bit are OK.
The only filtering we do is on violence, guns and drugs. I also kill streaming services as they have killed our 10 meg pipe many times not allowing us to use our online EHR.
Yup, and that's really the only reason to kill those. A 10Mb pipe is pretty small for an office if it has more than 5-10 people. If you've got decent bandwidth, I'd prefer just throttling personally, but I can always stream Plex from home to either my PC or my phone if I must.
So having 10Mb/s connection to a 60 person office isn't that great? Haha, just kidding it is terrible.
This is exactly what we have. We have a fiber connection for $880/month for that 10 Mb. I would consider moving to normal Cable Modem services, but last year they had nearly 3 days out weekday outages (no idea on weekend outages). Now while from a money earned perspective we might have saved money (i.e. the losses from those 3 days vs the cost of the fiber for a year), but from a frustration level of the doctors I'm sure they consider it a worthwhile expense.
Going to 20 megs will be another $200.
I've asked about bringing in a cable modem for additional throughput, we could get something like 75/10 for around $150 a month, but I was denied.
It seems like having a failover line and using a dual-WAN router to increase connection speed would be advantageous to them. Even instead of going to the 2oMb/sec line. And it's cheaper!
-
@thanksajdotcom said:
Yup, and that's really the only reason to kill those. A 10Mb pipe is pretty small for an office if it has more than 5-10 people. If you've got decent bandwidth, I'd prefer just throttling personally, but I can always stream Plex from home to either my PC or my phone if I must.
You can't really compare a home connection to an office. Neither in there need for that much bandwidth nor their actual connections. Business grade connections will generally have much less latency than a home grade connection making the speed faster and the bandwidth appear to be more than it is. You also actually get what you pay for with a business connection with a home connection you just get whatever.
Without much streaming on your network 10MB can easily be fine. I have used 10MB with proper limits through content filters (both on sites and download speeds) and proper QoS for networks with over 300 users plus Guest networks were also also put up at some locations. Business generally do not need near as much bandwitdh as they think they do. Granted this 10MB fiber connection could still cost you $1,800/month +
-
@Carnival-Boy said:
We have 10mb here for around 60 users. I think that's fairly normal in the UK. We pay pretty much exactly the same as you Dash. I don't find it terrible. I will upgrading to 50 or 100mb later this year, which will cost about double but which we will need when we transition from on premise Exchange to O365.
That was common in the US until just about two years ago. 10Mb/s for sixty users isn't crazy here even now, not great, but not odd. We have a customer that was 10Mb/s for eighty five users just last year and while limiting, it was fine.
-
@thanksajdotcom said:
It seems like having a failover line and using a dual-WAN router to increase connection speed would be advantageous to them. Even instead of going to the 2oMb/sec line. And it's cheaper!
Depending on their usage that may not help. Connections can't be split across the the two networks, only new connections can balance between the two. You really have to do an analysts to see if it will even help.
-
@thecreativeone91 said:
You can't really compare a home connection to an office. Neither in there need for that much bandwidth nor their actual connections. Business grade connections will generally have much less latency than a home grade connection making the speed faster and the bandwidth appear to be more than it is. You also actually get what you pay for with a business connection with a home connection you just get whatever.
These days they are normally delivered over the same infrastructure and are very comparable. Home grade has enterprise level latency now and businesses are starting to see home speeds. I don't know any business that gets what I normally got at home in terms of up speed, down speed, reliability or latency. Business class used to often be better, but those days are over now that FioS, Google Fiber, Cablevision and others are available. Generally businesses just buy home connections now too. And the remaining business connections are often things like T lines that are pathetically anemic compared to even the worst home lines.
-
@thecreativeone91 said:
@thanksajdotcom said:
It seems like having a failover line and using a dual-WAN router to increase connection speed would be advantageous to them. Even instead of going to the 2oMb/sec line. And it's cheaper!
Depending on their usage that may not help. Connections can't be split across the the two networks, only new connections can balance between the two. You really have to do an analysts to see if it will even help.
Things like HTTP 1.1 work great over dual lines. Things like HTTPS 2, VPNs and YouTube do not.
-
@scottalanmiller said:
@thecreativeone91 said:
You can't really compare a home connection to an office. Neither in there need for that much bandwidth nor their actual connections. Business grade connections will generally have much less latency than a home grade connection making the speed faster and the bandwidth appear to be more than it is. You also actually get what you pay for with a business connection with a home connection you just get whatever.
These days they are normally delivered over the same infrastructure and are very comparable. Home grade has enterprise level latency now and businesses are starting to see home speeds. I don't know any business that gets what I normally got at home in terms of up speed, down speed, reliability or latency. Business class used to often be better, but those days are over now that FioS, Google Fiber, Cablevision and others are available. Generally businesses just buy home connections now too. And the remaining business connections are often things like T lines that are pathetically anemic compared to even the worst home lines.
We have BDSL here (Business DSL) that is not A-synchronous. It also has a much lower contention ratio at the excahnge and . From 1-to-1 up to 4-to-1. For standard ADSL, you are at the mercy of your provider.
BDSL is more expensive but as @thecreativeone91 stated, you get what you pay for. -
@scottalanmiller said:
And the remaining business connections are often things like T lines that are pathetically anemic compared to even the worst home lines.
FiOs availability nor Google fiber is that great yet. I've always ran over business grade fiber which even at a 10mb connection would kill my 40mb home connection. You also get an SLA which you don't with a home grade connection. The fiber provider has only had one unscheduled outage in the past 5 years. I can't say that for home grade connections.
-
Just jumping on the thread. Like most things, web filtering has a place and isn't appropriate everywhere. In general, I dislike web filtering and feel that it is often used poorly when something better, like good HR policies, should be used. But there are times it is needed.
-
@scottalanmiller said:
Just jumping on the thread. Like most things, web filtering has a place and isn't appropriate everywhere. In general, I dislike web filtering and feel that it is often used poorly when something better, like good HR policies, should be used. But there are times it is needed.
I think the trend anymore is moving toward just blocking pornograpgy/adult content/nudity/sexual education. and then blocking for security reasons if needed (downloads of *.exe's *.bat, *.msi etc) rather than blocking everything. It's always been up to the department heads places I've worked so it varied by departments.