Remember Rants and Revelations » Ten Ways to get fired and/or arrested at work? Well, I got an email from the author of the WSJ article:
Hi Paul,
Thanks for the candid feedback. As it turns out, I think there might
be room for a follow-up story on things IT departments wish employees
knew. Want to take a stab at offering some thoughts on this? I’m looking
for specific tips – along the lines of the last story – highlighting
what people can do to keep themselves and their companies secure and
prevent legal and regulatory trouble. I would especially welcome any
horror stories you can offer that illustrate why these tips are
important.
Along with the note, can you confirm your full name, your location,
the full name of your firm and your title there?
Let me know what you think, and thanks, in advance,
VauhiniVauhini Vara
Reporter, The Wall Street Journal
vauhini.vara@wsj.com
415-765-8281 (desk)
206-423-3232 (cell)
Here is my response:
Things your IT Department wishes you knew:
- IT policies are there for a reason, not just to make your life more difficult.
- You may not remember it, but chances are your employee file contains a document you signed where you agreed to follow IT policies, and giving them the power to fire you, sue you and/or charge you criminally if you violate those policies.
- If you bring in pirated commercial software from home, your company could be subject to fines equal to many hundreds of times the cost of the software, not to mention costly audits and lawsuits. Guess who is going to end up paying those expenses? Is it worth risking your house and your career in order to use your favorite word processor instead of the one the company provides?
- Viruses and file sharing programs are often written by criminal gangs in order to turn your computer into a “zombie” that they can use to attack other computers, share illegal porn, send spam, or steal information from your computer without you even noticing. And pirated software you get from file sharing sites often has viruses built in. That’s one reason IT doesn’t want you running software they didn’t provide on your work computer.
Along with the note, can you confirm your full name, your location,
the full name of your firm and your title there?
I wonder why he needed every bit of that? Surely he’s not going to be a prick and call your boss or something.
Nobody’s brought up the point yet that “computers you use at the office are provided for you to use in the pursuit of company business, and aren’t ‘yours’ to do with as you like.”
Sure, most companies are a little lax and let people do other things as long as it doesn’t get in the way of work, but then some aren’t that relaxed either.
I think any reputable journalist will want full ID for someone submitting a column. It’s pretty standard even for letters to the editor.
Paul, do you have any stats on the third point? When you say pirated software “often has viruses built in”, what does “often mean — 1%? 30%, 90%? Users probably believe it’s a fraction of 1%, and just saying “often” isn’t going to change hteir minds.
Similarly, with the “your company could be subject to fines” line, even a single example would make it a much more powerful statement. Otherwise users are going to read it as scare tactics.
I don’t have the figures, but then again, I’m not a journalist so I have no incentive to look them up. I do know that the RIAA has been seeding file sharing programs with viruses disguised as popular music or videos.
Every three or four months I have to reaffirm my acceptance of the Network Use Policy where I work. If I do not do this within a certain amount of time, my account will be locked down and I’ll have to go somewhere and explain why I didn’t.
Talking to someone at work in the IT security section, he said that he often feels he has to be on the defensive in meetings because people seem to assume that he’s there to make their lives difficult because he’s from IT security.