eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
2Online Storage
Along with the inherent risk of storing corporate data in a cloud that the corporation doesn’t control, the fact that user accounts are easily hackable can create a security risk—especially if users are in the habit of having the same (or similar) passwords for all services. Also, the convenience of the drag-and-drop interfaces usually associated with these apps, combined with massive storage quotas for next to zero cost, makes it all too simple for users to accidentally or purposely put extremely large files into the folder and have them synchronized to the cloud—causing network bandwidth to take a hit.
3Online Gaming
Unless the company is in the gaming industry, it’s hard to imagine why corporate resources should be used for this purpose. Along with the risk of the game itself (caused by the client software on the PC that receives push-based updates from the gaming server, and the gaming server that establishes multiport connections to the PC), there’s the additional risk of accounts being hacked and social engineering happening in-game. Finally, as with many other items on this list, the impact to legitimate business applications in the form of competition for network resources cannot be ignored.
4Media Streaming
Each company will have to evaluate the risk relative to general user discontent on this one. It could be argued that music streaming services are relatively innocuous and provide a pleasant workplace environment. But how much of an employee distraction are they? Plus, many of these support (or are primarily created for) a mobile platform, which companies will have a harder time blocking. More than any other category of application, media streaming services can consume a significant amount of bandwidth, and therefore run the risk of impacting legitimate business activities.
5Social Media
Similar to media streaming, some services could be seen as necessary or a concession to foster a friendly workplace. Others clearly have no redeeming value to the company and employee work, and so should be blocked. It should be noted that many of these support (or are primarily created for) a mobile platform, which companies will have a harder time blocking.
6Messaging
Similar to media streaming, some services could be seen as necessary or a concession to foster a friendly workplace. Others clearly have no redeeming value to the company and employee work, and so should be blocked. It should be noted that many of these support (or are primarily created for) a mobile platform, which companies will have a harder time blocking.
7Anything From PortableApps.com or Similar Sites
Small, portable versions of full-blown applications allow users to run software on otherwise-locked-down Citrix desktops or library computers. Potential problems stem from the complete lack of control and trackability. They might be secure; they might not. They only exist on the computer when they are being run, since they typically reside on a USB drive.
8Internet Voice
Voice applications—whether corporate sanctioned or not—are extremely sensitive to delay and bandwidth constraints, and therefore dependent on network stability to work correctly. If a company is making the leap to voice over IP (VoIP), IT should set the expectation that this is the only voice client that should be running on the wire.
9File Sharing
File sharing represents two significant threats to businesses. First, there is a legal aspect, where failing to block these sites and services could be construed as tacit approval and therefore present issues of liability should an employee download illegally distributed copyrighted material at work or using IT-provided resources. Second, the files shared in this way are often significant in size and therefore impact the overall bandwidth available to legitimate business activity.
10Tip 1: Get Management Buy-in
There are times when an IT staff makes a smart move—for example, turning off a file sharing service like TorrentFreak—only to receive a direct order from upper management to turn it back on. This demand is usually a knee-jerk reaction from a user who just had his or her favorite “toy” taken away and who just happens to sit on the executive team. Getting buy-in for the list of applications, sites and protocols that are being blocked (along with reasons why it should be blocked) can help avoid this scenario.
11Tip 2: Know the Environment and Be Able to Back Up Actions With Data
In this case, a good NetFlow-like tool can show exactly which sites, services, protocols and users are involved in high-bandwidth conversations and give IT a chance to investigate (and obtain that buy-in mentioned in the first tip) before acting. Another good tool is deep packet inspection. A common course of action in reaction to complaints of slow applications is to shut down all “nonessential” applications on the network. The problem is that it can be challenging to know whether applications are slow because the network is overloaded or because the application’s servers are the actual bottleneck. A sophisticated packet inspection solution can show what is causing the slowdown.
12Tip 3: Be Reasonable
In some cases, a shutdown is simply a fact of life. Most businesses are not going to allow employees to watch Netflix on company systems. However, in many other cases involving social media, messaging or music streaming, the decision is likely going to affect employee morale and potentially even productivity. So, if music streaming is not taking up inordinate amounts of network bandwidth or employees are getting their work done even with access to Facebook, it may be best to allow such apps and services.
13Tip 4: Offer Explanations and Alternatives
Treat a group of adults like children and they will usually meet expectations. So when IT has to shut down a set of services, communicate what is happening and why. Then go the extra mile and offer alternatives; it could be as simple as explaining that users are permitted to stream music to their cell phone. Or the company may agree to set up a separate bring-your-own-device (BYOD) wireless network with its own bandwidth limitations, allowing employees to connect phones and tablets but keep traffic segmented from business applications.