Ben Worthen has a post looking at restrictions on the use of consumer technologies in businesses. Apparently, a lot of corporate IT departments have found it necessary to ban a lot of consumer applications like Skype, webmail, and the iPhone from their networks because they’re required to monitor and record all of their employees’ communications, and it’s hard to do that with applications that aren’t specifically designed with employer monitoring in mind. This strikes me as profoundly stupid. If the goal is to prevent employees from leaking confidential information, this kind of ad hoc monitoring isn’t going to get the job done. Employees will always be able to find some application that lets them transfer files (the IT manager Worthen interviewed admits that there are some additional sites she’d like to block but hasn’t yet). And even if the computers are totally locked down, they can still write down confidential information with a pen and paper and carry it out of the office. The bottom line is that an employee determined to violate his employer’s trust will find a way to do so no matter what the IT department does.
Apparently, though, this is what securities law requires. So you can’t really blame the IT departments for complying with the law. But it’s worth noting that this is more a quirk of a few regulated industries (health care is another where information-disclosure is tightly controlled) rather than a general property of American business. If your company isn’t in one of these industries, it probably doesn’t make sense to impose these kinds of draconian restrictions. And Congress might want to re-think regulations that require companies to behave this way.