Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 508
  • Last Modified:

suggestion box

Was wondering if there is anyway to figure out my problem.  We use a program called suggestion ox and you can send anonymous comments about our company.  It is as website.  This works fine except that any employee can put as many comments as they want on there.  I could complain about something 100 times and they might think it is coming from multiple people.  Is there any software out there that would limit people from sending more than one suggestion per computer?  Or maybe a way with a new email address that I could setup and everyone sends from there but we would not know the sender?  Not sure what to do.  Any ideas would be appreciated.
0
mkramer777
Asked:
mkramer777
  • 3
  • 2
  • 2
1 Solution
 
Ken ButtersCommented:
if you use MS Exchange Server : If you get a suggestion that seems to be over-inflated... you could just send out an email in outlook with voting buttons.

Do you like suggestion XYZ?

Vote Y/N.

Outlook will tablulate the results for you. (although... these results would not be confidential).

http://office.microsoft.com/en-us/outlook-help/add-voting-buttons-to-a-message-HP005242171.aspx
0
 
mkramer777Author Commented:
Don't use exchange.
0
 
Joe Winograd, EE MVE 2015&2016DeveloperCommented:
This is a fascinating question. I've been racking my brain on it and can't think of a foolproof solution. Every time I come up with an idea, I can think of a way to beat it. Also, even if you could do it, do you really want to limit an employee to just one suggestion? I can certainly understand not wanting an employee to stuff the ballot box (e.g., 100 of the same suggestions), but it seems reasonable to allow an employee to have suggestions on different topics — nothing wrong with that, especially across a decent-sized time frame.

My recommendation is to take a policy (not a technical) approach to the problem. I would create a policy (perhaps in the employee handbook/manual) that says employees are not permitted to submit the same suggestion more than once and that doing so could result in termination for cause. The employees know that the system is anonymous and they are unlikely to get caught, but I suspect that very few folks will take even the slightest risk of losing their jobs in order to stuff the suggestion box — just not worth it. I'd love to have an ironclad technical solution for you, but I don't. Regards, Joe
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
mkramer777Author Commented:
Management did not like that answer.  They want me to keep looking.  I have no idea what to tell them.  Maybe there could be a recipient email address that could mask the email address where it is coming from?  But that still would not allow people to not send it many times unless you could track the ip of the computer that sent the email.  I know this sounds ridiculous to go to these lengths but we had a situation where we suspect an employee sent many suggestions and changed each suggestion just a bit so it seemed like it came from several different employees.
0
 
Joe Winograd, EE MVE 2015&2016DeveloperCommented:
> I have no idea what to tell them.

I would tell them it can't be done — technologically.

> Maybe there could be a recipient email address that could mask the email address where it is coming from?

Sure, there are ways to mask the sender, but then how do you stop the sender from sending more than one?

> track the ip of the computer that sent the email

But if an IP is tied to a particular user's computer, then the submission is no longer anonymous. And, besides, you want to allow more than one suggestion from an employee, as long as they're truly different suggestions.

> I know this sounds ridiculous to go to these lengths but we had a situation where we suspect an employee sent many suggestions and changed each suggestion just a bit so it seemed like it came from several different employees.

That's where the policy might act as a deterrent. Would an employee do that if it were cause for termination?

> Management did not like that answer.

Like it or not, sometimes the answer is "can't be done".

OK, here's another idea, but the employee would have to trust the employer when the employer says it's anonymous. There would be an employee in Human Resources who receives all suggestions — the HR Suggestion Representative (HRSR). The HRSR would be under strict rules not to divulge the source of suggestions, just as an HR person would not divulge other confidential information about employees, such as salary, social security number, etc. Employees would send suggestions to a specific mailbox that only the HRSR (and, perhaps, delegates under the same confidentiality rules) can access. The HRSR would validate the suggestion to make sure it is legitimate — no one would stuff the ballot box when the HRSR can see who is sending each suggestion! Then the HRSR would send it along to the "suggestion workflow" without any trace of where it came from. The HRSR would then delete the original email from the employee. Once it is passed along by the HRSR, there would be no way of tracing the source (at least, no easy way — the IT gurus could probably figure it out, but that's where the trust factor comes in). So it is anonymous, to the extent that employees have trust in the whole process — and in their employer. Regards, Joe
0
 
Ken ButtersCommented:
Well.. the whole point is that it is anonymous.   By the very nature of anonymity... I do not believe that you are going to be able to count how many came from a specific person.

In order to count them... you'd have to (somehow) cross reference them back to the original poster... and that in itself will destroy the anonymity.

Honestly.... I would tell management they need to make a choice.... anonymous or tracking... but they cannot have both.
0
 
Joe Winograd, EE MVE 2015&2016DeveloperCommented:
> Honestly.... I would tell management they need to make a choice.... anonymous or tracking... but they cannot have both.

Excellent summary of my previous posts. Regards, Joe
0

Featured Post

[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 3
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now