Web Watch at Work

Print More

It’s almost an accepted fact of life that employees will use their office computers for some personal Internet surfing – checking sports sites, logging onto home e-mails and shopping – but supervisors must still try to minimize this drain on productivity. Now a government report about an employee’s computer abuse at Florida’s child welfare department shows just how difficult this task is, and the damage that can be done when an agency doesn’t watch carefully enough.

The report released last month was prompted by the case of Al Zimmerman, press secretary for the Florida Department of Children and Families, who was arrested in February and fired for allegedly using department computers to traffic in child pornography.

The agency’s inspector general (IG) reviewed the department’s technology policies and found what might be true at a lot of public and private youth-serving agencies: The department didn’t enforce its own rules on monitoring employees’ computer use and didn’t conduct criminal history checks on some workers.

Here’s one reason that agencies might be reluctant to do everything they can: According to the report, installing better monitoring equipment for department computers could cost from $106,000 to $1.8 million, with another $50,000 to $100,000 each year to run and maintain the systems.

Is this what it takes to monitor employees now? What about the kids, for whom Internet use is a cornerstone of participation in many programs?

We asked some youth-serving agencies how they try to control Internet use, and got a variety of answers. We got many useful responses that we couldn’t fit here. To see some, or to share your own ideas, go to the comment section.


Bonnie Brae, a Liberty Corner, N.J., nonprofit that provides residential services for about 100 troubled boys, monitors electronic communications by employees and youths, in part to help it comply with government regulations. Bill Wraight, information technology manager at the 200-employee organization, uses SurfControl Web Filtering, a product by Websense that costs $771 a year for a 50-user license subscription.

The software, which resides on the server, filters all Web and e-mail data and allows Wraight to globally block Web sites according to Bonnie Brae’s “disallow” rules. Workers and kids can’t get to sites with sexually explicit, violent or otherwise inappropriate content.

At the same time, up to 50 employees at any given time are monitored, with Internet/e-mail usage reports generated for supervisors, who can take disciplinary action against violators.

“We don’t monitor all 200 employees at the same time; we only can monitor up to 50,” Wraight said. No one knows if he is being watched, although certain employees under suspicion are monitored all the time. All new hires sign a detailed document that outlines usage rules, he said.

But Wraight knows the system isn’t foolproof. “For example,” he said in an e-mail after an interview, “a pornographic Web site released today that has not been categorized would be accessible and, if done so by a user who is not monitored, a record of that bad behavior is not recorded.”

One problem in the Florida case, according to the IG report, was that some department sites used a variety of monitoring tools, including Bluecoat, one of the more well-known systems, but global solutions were unevenly deployed.

Youth Beat the System

Even agencies that control online behavior by staffers are less successful with tech-savvy youth who can get around some filters. That’s what sometimes happens at Children’s Village, which provides multiple services for at-risk youth, including for some 300 residents at its campus in Dobbs Ferry, N.Y.

If it didn’t control the youths’ Web activity, noted Information Technology Director Jeffrey L. Tischler, Children’s Village “might get sued. We don’t have a choice.”

At the same time, he said, “we’re in a combined business environment and social welfare environment, and we try to give the kids Internet access.” The agency tries “to apply the same content-filtering standards to them as we do to us [employees].”

Tischler said he’s become increasingly frustrated with the SonicWALL filtering system used by Children’s Village. “We’re finding that the kids can get around it better than our staff can,” he said.

The agency is searching for a more robust solution, looking at iPrism, made by a company called St. Bernard. Even if iPrism is nearly double the $1,200 annual cost of SonicWALL – Tischler estimated the cost at around $2,000 a year, plus a one-time $1,000 hardware charge – he said it would be “worth it to us.”

He said his understaffed work force wastes time tracking down Internet abusers and often just shuts down access for all the kids – an unfair universal punishment for the bad actions of a few.

Trust, but Verify

Others can’t justify the expense of high-tech monitoring gizmos that are inherently fallible. Kelly Shifflett, director of public relations and prevention at Rockbridge Area Community Services, which employs 140 workers and counsels some 1,600 youth and adult clients in four Virginia communities, said her agency takes a “trust and verify” approach. Rockbridge tries to control online mischief with extensive written electronic communications policies.

The technology staff can check who has logged onto computers and can see what workers are viewing online. In addition, Shifflett said, supervisors can undertake “security inspections” of workers’ property, including computers, at any time.

Shifflett said workers must sign off on the work rules annually and are notified of any changes. “No one can assume that any electronic communication [at work] is private,” she said.

One problem in Florida, according to the IG report, was different interpretations of department policy language on whether staff could access personal Web e-mail accounts during non-work hours.

Clear policies and careful management are the best solutions, said Christina Hemmer, the employee learning, development and safety coordinator for Dakota Boys and Girls Ranch, a faith-based program for at-risk youth in Minot, N.D. “The best and most useful thing a company can have is a detailed Internet and e-mail usage policy, and to include this in new employee orientation,” Hemmer said via e-mail.

Technology is not a substitute for oversight, she added. Agencies may be unable or unwilling to restrict the use of personal Web-based e-mail accounts – the very way Zimmerman allegedly perpetrated his activities in Florida.

“Managers need to know what their employees are doing,” Hemmer said. “While computer monitoring seems like a cure, it misses the opportunity for managers to be responsible to manage the work of their employees.”

But Shifflett at Rockbridge noted that as younger generations move into the workplace, having been raised on text messaging and social networking websites like Facebook – which bypass internal controls – neither software nor strict rules may be enough to control inappropriate use of technology.

There is “a looseness in how we handle ourselves that we may have to address a little bit more firmly, just as this generational thing moves through,” she said.

  • Christina Williams

    The YMCA of San Diego County uses Websense.

    Christina Williams
    Grant Writer
    YMCA Youth & Family Services

  • Kelly Shifflett

    Although I thought we had something like that in place (I’m on our leadership team and would like to think I’m in the know!), it turns out we don’t. Apparently we can only resort to searching History, Temp Internet Files, and Cookies to glean where our staff have been roaming.

    Kelly D. Shifflett, Ph.D.
    Director, Public Relations and Prevention
    Rockbridge Area Community Services

  • Joe Diament

    We do not have any software that “spies” on our staff. When I worked for NH’s DHHS (4 years ago), the Commissioner and senior managers had the right to review employees’ State email account (very rarely done) but I don’t know about any monitoring of general computer use. The screens that the State used were very severe so that not only was sexual material blocked, even sports related stuff was blocked. This was the case while employees were on the State’s network. It may not have been as strong a blocking agent if an employee had access to a laptop that they could take to meetings and home.

    Joe Diament, Director
    Programs & Administration
    New Futures

  • Nickole Fox

    According to our IT manager, we use what’s called a proxy server. It can monitor internet use, block websites, and limit bandwidth so one computer on the network can’t take over and prevent others from getting on line.

    Nickole Fox
    Coordinator for the Alcohol Tobacco, & Other Drug Prevention Program
    American Indian Health and Family Services

  • Jeffrey L. Tischler

    At Children’s Village we use a firewall product from SonicWall. We also subscribe to a content filter sold by SonicWall. Our experience with this particular content filter is that:

    1. It is not as up to the minute as it could be, that is, whoever/however the content filter is kept current, it is somewhat less than current.

    2. It does not do a good job of blocking kproxy and https: sites. The product assumes that the owners of the https: sites will keep them secure, which is true, but it doesn’t stop porn sites from setting up https: sites.

    3. New kproxy sites are born every day. People who keep track of them know where to find them, and they basically give users an open path to the Internet.

    For many organizations, this arrangement might be OK, but for a child welfare agency, it is a problem. We are looking into more robust solutions, which generally include hardware devices specifically designed for this purpose, from vendors (Barracuda and iPrism, for example) whose focus is on blocking undesirable Internet sites.

    Jeffrey L. Tischler
    Dir. Information Technology
    The Children’s Village