Posted using LJTalk...

[xoder]

If you were a sysadmin, and the network policy expressly forbid installing an IM client, what would you say about a JavaScript-based IM web page being loaded by a local web browser?

Comments

[mughi.livejournal.com]

Since the primary intent of the policy is likely to forbid personal activity on company time, sites such as meebo.com must be blocked as well.

One can circumvent this policy by using some remote desktop service (vnc, pcanywhere, gotomypc, microsoft terminal services, etc etc), but you would still only be circumventing the technical restriction of the policy, not the intent - that you are on the clock and being paid to work, not play around.

[xoder.livejournal.com]

Actually, the Policy and Standard Procedure document says the policy is in place to prevent data leak to uncontrolled sources (as well as downtime due to malware/viruses). (As in, the same reason I leave my flash drive at home and have to leave my phone at the front desk.) A JavaScript-based client (run within a secure JS engine, like Gecko's) circumvents these issues.

FYI, meebo is not blocked (in fact, its how I posted the entry).

[mughi.livejournal.com]

If security is an issue (as is evidenced by your cell-phone and thumb drive restriction), then all outgoing methods of communication should be blocked or heavily monitored and controlled as well.

Luckily, the worst I have to do is block myspace and related pages at my clients...