Thoughts about employees accessing internet mail from work

Posted on 2006-05-11
Last Modified: 2010-03-19
We are about to implement an internet proxy at our office.  The CEO has decided that with it, he wants all internet email sites blocked to the employees.  I have worked in both types of environments... ones in which the employees can access their own personal email - and ones that they can't.  I am just curious as to what other Email Administrators have seen...

When you block the employees from accessing their personal email, did you see a dramatic increase in the use of company resources for personal email?  An increase in spam?  Employee morale drop?  

This has been a loose environment for 20 years.  Slowly, but sure things are tightening.

Just looking for some real life experiences.

I will share the awarded points - based upon the responses.

Thanks,  Jamie
Question by:jolder
    LVL 42

    Assisted Solution

    what is the rationale behind blocking private email?  security risk for viruses?
    if it's not security risk, perhaps a compromise would be to implement the block except during noon-1pm (lunch time)?

    if you block private mail, it's possible that employees may start using company mail for private purposes (as you mentioned).  if the changeover is implemented with a caution that all company mail is subject to review (i.e. it is not private), you are likely to curb most of the personal email.

    i knew someone who worked at a company where they were really strict on internet access and email use.  the result was paranoia.  not really the best recipe if you want happy employees.

    i think there is a balance.... too much one way will make people feel like they live in a communist state.  too much the other way and your work production goes down alot....

    Author Comment

    I worked at a company that was extremely strict too.  It was just as you said - breeding grounds for paranoia and low morale.  

    The proxy solution is actually an anti spyware appliance (Barracuda) that also comes with proxy capabilities.  The original goal was to get the device for the spyware.  It also blocks viruses.

    The email blocking came about when we decided to use the proxy component to block against pornography/warez, etc.  The CEO wants the email blocked.  I think that it is going to hurt employee morale, and would prefer to not block it.  

    LVL 79

    Assisted Solution

    You're right, there are two camps on this subject.
    I work with Government/Military sites that absolutely forbid any use of personal email accounts. They must adhere to strict standards and regulations.
    I work with Financial institutions that absolutely forbid use of any personal email accounts. They must adhere to strict GLB requirements.
    I work with Hospital activities that forbid any use of personal email accounts to comply with HIPPA regulations

    If my corporate office banned use of personal email I would not be able to participate in these EE forums except from at home. Our corporate email filters (outsourced) long ago designated email from EE as spam. One due to the potential spelling of the domain name - expert sex change - and two because of little text adverts inserted into the ee notifs (which seem to have been halted a while back).
    We enjoy a fairly lax environment at work, but one of my jobs is to provide consulting to other offices and companies on the risks and dangers of allowing this practice. The primay one is that it is a back-door vector for virus/worms. If the "front door" through the corporate email system has stringent virus protection and worm protection, spam filters, etc, then you are protected to some degree. If Nancy down the hall is allowed to open her private email, and that email has an attachement with virus/worm/malware, then your corporate defenses don't see it at all and you are vulerable to attack. It really is a *bad* idea to allow anyone/everyone to access their personal email accounts from the office.

    You combat the morale issues with education. Educate the users on the dangers - constantly, not just once. Educate users about viruses and worms and adware/spyware. Educate users about the costs of repairing compromised systems, and the bigger cost of not repairing them.

    Have written acceptible use policies written in plain language that details what can/cannot be done on the company computers, and what can happen if you violate the rules. Have every employee sign this policy and re-sign at least annually.

    Advertise this tighning of the reins  as enhancing the bottom line of the company and ask for everyone's support in backing the company goals. Make it seen as a positive thing for the well being of the company, not just another restriction on individual freedoms.

    Let them know that you will look for alternatives to support their need for some personal communications while at work. Look into creating a secure environment on their desktop where they can read their personal email, but no matter what they download, it can't leak out into the corporate environment.

    Just don't make it seem like big brother with a sledghammer coming down all of a sudden.

    LVL 5

    Accepted Solution

    I actually encourage the use of personal email accounts for personal messages. We want to restict our mail server to school-related messages only. I would rather risk a user having a virus on his/her computer than on my mail server. It has been my experience that has you tighten restrictions on users, users will try harder to subvert the security methods you are implementing and users are typically more likely to have contempt for IT personal and policies.

    I teach several staff classes each year basic security that is beneficial to the user at work and home that helps the user to be aware of viruses, malware, etc. I also asked several users to become a member of a technology committee to assist in developing policies that help keep our network secure while not being to restrictive to users. It has worked extremely well for us.

    The most important advice I can give you in no matter what kind of restrictions your company imposes is - treat your users with respect and never, ever imply they are not intelligent because they can't remember a password or deleted an important document. If you do this, problems with viruses and malware will greatly diminish.

    For the record, I worked at the first Marine base to cutover during the NMCI project, state and county governments, private consultants, and a upscale-private school. I have experience with various securtiy scenerios.

    LVL 14

    Assisted Solution

    It is important to note that the liability goes up for the company if they control the email.

    The more you control it, the more $ the courts expect you to turn over in a law suit.

    The other part of the equation is blocking "All" email sites.  There are hundreds, and new ones pop up everyday.

    If the company feels that there is a problem then they should start out with monitoring, and compare the records with the employees performance.

    Maybe, just maybe, the person with the highest sales numbers is the person who also does the most surfing.  It certainly is a better way to spend the time on the phone then playing solitare.

    You might want to google productivity, because I heard that even with internet access at their fingertips, American workers have still increased productivity...
    LVL 9

    Expert Comment

    Use internal IM system like LanTalk instead E-mail


    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    Lets look at the default installation and configuration of FreeProxy 4.10 REQUIREMENTS 1. FreeProxy 4.10 Application - Can be downloaded here ( 2. Ensure that you disable the windows fi…
    ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now