Andrew, you asked:
> . . . what I'm trying to work out is whether there is any legitimate cause
for >concern that *some* filtering is worse than none at all. There seems to
be an >urban myth around which is stopping people from doing any checking,
lest they >fail to stop everything.
Some filtering, where a policy exists to restrict usage of the computer, is
in my view essential if you wish to show that you took reasonable measures to
prevent such usage. If you ever needed to report an individual for breach of
(say) the Computer Misuse Act 1990, you would have to show the person was not
authorised to use the computer (or software or data) in that particular
manner and, more importantly, that they KNEW they were not so authorised.
The urban myth is no more than that - a myth. Recent cases have shown that
without evidence of the misuse and an ability to show that the individual was
aware of the restrictions there is no chance of prosecution. Dismissal or
other action against the (alleged) perpetrator can also fail.
A policy without enforcement is no policy at all. No policy means you don't
mind what people use your computers for.
With a filtering and monitoring regime you can pinpoint misuse at an early
stage, and take action to eliminate any misunderstandings about your policy.
Ian Buckland
MD
Keep IT Legal Ltd
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|