Security Basics mailing list archives

Re: Restricting private "webmail" access from government employer network?

From: "Meenal Mukadam" <meenal.mukadam () gmail com>
Date: Thu, 7 Aug 2008 20:04:35 +0530

Hello Eric,

One more reason that i can think of is: "One cannot completely block
those services!" Blocking has ben tried....but nothing can stop a
determined user....it just slows them down...."

By blocking, resources in terms of time, money, human resource, etc
are just wasted. What I mean is few users are so determined that they
will fiddle around with tonnes of proxies and settings to bypass the
restrictions during their working hours. Few even take it up as a
challenge or a fun item to try and bypass the restrictions. So the
resources that I mentioned before are wasted when they can be utilised
in a better way....


Kind Regards,

Meenal A. Mukadam



On Tue, Aug 5, 2008 at 1:34 PM,  <krymson () gmail com> wrote:

I read this as you asking why employers may change their mind to allow external non-work webmail access.

One reason has already been mentioned: happiness and productivity in your workers.

Another reason: Ever try to block all the webmail sites out there? Sure you can swat down hotmail, gmail, yahoo, 
hushmail and other big ones. But ever try to find my SquirrelMail box on my server at home? Good luck there. You can 
block a ton, but the security teams will never, ever say that they are confident no one is using personal web-based 
email. This can translate into a failed endeavor in the business world, thus employers may allow it.

My last reason: Someone in a position of power (CEO/Exec/HR Exec) needed to access his Yahoo account at work and got 
cockblocked. Then, since it was suddenly his pain and not just everyone else's, he made steps to challenge and change 
that policy. :)




<- snip ->
It seems some employers decide to block access to personal email/webmail
from employer networks, but then later change their mind, in favor of
allowing private (non-work related) webmail access.

Having researched the issue a bit, supposedly there are very few valid
reasons to allow private email/webmail access from a corporate network, and
many reasons in favor of restriction/banning.

If this is true, why do employers nonetheless change their mind mind in
favor of allowing webmail access? What is/are the deciding factors?

Thx,

Eric




--
Meenal A. Mukadam

-------------------------------------------------------------
Far away there in the sunshine
are my highest aspirations.
I may/maynot reach them,
but I can look up and see their beauty,
believe in them and try to follow
where they lead
-------------------------------------------------------------

Current thread:

Re: Restricting private "webmail" access from government employer network? krymson (Aug 05)
- Re: Restricting private "webmail" access from government employer network? Meenal Mukadam (Aug 07)
  - Re: Restricting private "webmail" access from government employer network? ॐ aditya mukadam ॐ (Aug 12)
- <Possible follow-ups>
- Re: Re: Restricting private "webmail" access from government employer network? straticus21 (Aug 12)