One of the problems with IT department is that they can often be a little bit detached from the rest of an organisation. Many are even physically separated, perhaps stuck in a separate building or floor which only helps increase the isolation. In many ways it’s not a problem after all, it’s a department which will probably need more space and room for storage of parts, replacements etc. Commonly the IT department will have easy access to server rooms so that they can maintain and support when those remote connections drop.
However one of the issues is that people who work in IT often see the rest of the company through their IT usage and not through their real function. This can be a problem with how people use technology and how it is managed throughout the company.
The classic example is that of internet usage, which over the last decade or so has become one of the main issues to manage in any IT department. First of all there are the technical complexities of allowing company clients to access outside resources. Then there are the potential security risks of viruses, hacking attempts, inappropriate browsing, email security, spam and so on. Access to the internet is now fairly commonplace but it almost always puts a huge strain on both technical and human resources to support.
For example many users will use the internet just as they do at home? Downloading BBC videos like this, visiting shopping sites, hobbies, research and all sorts of things which can impact the local network. It doesn’t take many users streaming video to their PCs to have a huge slowdown on many normal company networks which are rarely configured to cope with this sort of traffic. Yet how do you stop them? Many IT departments I have seen over the years simply block access, a few rules in the firewall will stop all access to a particular site. However this is obviously not the way to do this, a technical solution should not be implemented on it’s own.
A company should have an Internet Usage Policy to cover situations like this. Without stating clearly what employees can or can’t do online leaves the company and Human Resource departments on very thin ice. That user who spends all day streaming from Netflix or visiting porn sites is clearly not doing their job but it’s difficult to discipline without clear guidelines in such a policy or in their terms of employment. Having a proper internet policy is much simpler as it can be adapted quickly, can be referenced from other policies and things like employee guidelines. Also the policy can be directly linked to technical solutions like a proper access control list.
If guidelines are in place, you mostly won’t have to spend time chasing and blocking video and media sites individually like Netflix or the BBC iPlayer. If employees know that they are not able to use these sites and the reasons behind them generally the problem is resolved first. There may be issues with more technical users who attempt to circumvent or hide their activities perhaps using an online IP changer but there people are easier to deal with if they are directly contravening company policies.