To Ban or Not To Ban?

  Should the Department of Defense (DoD) ban the personal use of their networks? Federal Computer Week (FCW) recently ran several stories stating that they are seriously considering it. But the ramifications go much further than just the DoD.

The first article by FCW entitled: DOD considers prohibiting personal use of networks stated the facts as presented at the Institute for Defense and Government Advancement’s Network Centric Warfare 2008 conference in Washington. According to that report, Lt. Gen. Charles Croom, director of the Defense Information Systems Agency, said,

“The Defense Department is considering a policy that would banish all traffic not proven to be purely official DOD business from its networks…. Unofficial early estimates, however, are that 70 percent of the traffic on DOD networks today is unofficial and would be banned, said sources close to the department.”

A few days later, another report was issued by FCW entitled: Should DOD ban personal use of its nets?

This report was fairly skeptical of the concept and listed many concerns with the potential plan. "It is nearly always impossible for a policy-maker in any organization to be able to specify exactly what network traffic is "legitimate" and what is not because the work environment is rarely simple enough to submit to high-level heuristics."

 The FCW report prompted forum comments like this:  “I am already seeing a reduction of outside work related email and web site access. If it is reduced any more then I will not be able to perform my job without working from home to perform research. Also, as someone suggested moving to Firefox, I would love that, but move me to Thunderbird too since my current email tool does not work well and even though our admin people have heavy filtering on, all it's doing is allowing >100 suspected spam emails per day to get through (marked as spam though), and about 80% of outside vendors I deal with cannot get any email through. Go figure...”

TechNews World  lays out some legitimate concerns regarding current social networking policies: “To be sure, bandwidth requirements pose a legitimate concern that is not limited to the U.S. military. Large corporations, for instance, have taken to locking employees out of popular streaming video sites at the workplace in order to ensure that their networks can run at full capacity.

Sharing videos, swapping photos and other popular Web 2.0 activities can easily eat up a lot of bandwidth, said Jeff Stibel, CEO of, which provides military families with tools to create multimedia sites.

Even the New York Post ran an article in January about employees wasting time online at work . The article Net Losses strikes a balanced approach with an emphasis on good, specific policies.

* Put your policy in writing, says Nancy Flynn of the ePolicy Institute, “and I mean physically in an employee manual or something separate that the employee signs."

* Be specific, says attorney Debra Guzov. It's no good to say employees are allowed a “reasonable amount" of Web time - “to a CEO, that might be 20 minutes on lunch break; for an employee, it might be four hours."

* TELL WORKERS if you're monitoring them.

* Don't go overboard, advises Guzov, who doesn't recommend a complete ban on personal surfing. “People are working increasingly long hours, and sometimes it's the only way they can get personal business taken care of."

 Finally, Cyber ran a good piece on a blogger who lost a battle to keep blogging  about work .

 “We bloggers cry about Big Business usurping the First Amendment and stifling what they regard as the only voices of truth in the wilderness. Maybe that's true some of the time. I would worry very much about it if it were true now. But this time around, the dispute isn't about using an atomic flyswatter to squash a tiny buzzing of opinion. It's about making sure an employee is doing the job he was hired to do, not getting caught up in some overgrown, overly opinionated diary/hobby that unfairly treads on his association with his employer and has the potential to damage his employer's reputation.”

Not a lot of answers out there, but many, many questions.

I doubt that the DoD wants my opinion, but here it is anyway (from a former DoD employee). Be very careful about a total ban for all employees on personal use. My prediction: if the DoD goes that way, someone will rescind the ban within 2 years – probably sooner when a new administration arrives.  

To comment on this article and other CSO content, visit our Facebook page or our Twitter stream.
Healthcare records for sale on Dark Web