I.T. Policies

Revisit the web filtering procedure

The CIO/OFT web filter often prevents access to websites needed for me to do my job, either because of false positives or false assumptions. This usually hits at the worst time-pressed times, so the current process for asking for an exception is too cumbersome. Specific examples of a:


- False positive: Assigned task, research security issue. A website that mentions the word "hacking" is misinterpreted as a prohibited hackers' site.


- False assumption: Assigned task, research a webpage creating-vendor's approach on one of the sample pages it has helped a third party create. The sample page is a federal government webpage about strengthening romantic relationships to reduce societal harms like divorce. False assumption is made by the web filter this is a prohibited "Dating" webpage.


- False assumption: Assigned task, determine vendor's statements on a public policy issue. Finding that vendor has taken down its webpage, try to access Internet Archive to find earlier version of page. Prohibited. (Not sure the reason why).


- False assumption: Assigned task, research public policy issue where most discussions have taken place overseas. Try to use web language translator websites to translate discussions into English. Prohibited. Not sure why.


I think CIO/OFT should explore a better approach, one which generally permits the requested accesses based on the assumption it can trust its workforce members, but with a more robust logging and alert capability.


For example, workforce member tries to access questionable site, receives warning message: "This site has been flagged as inappropriate because it contains ______ types of content. Please enter your work-related reason for accessing this site."


This would train and encourage any workforce members not following acceptable use policy to either desist immediately, or in the future.


But this would allow legitimate uses to go through with a justification without work being stopped in its tracks.


And this would still allow administrators to monitor and prevent abuses. ("Gee, Mary's website accesses were frequently flagged as possibly inappropriate this month. Let's make sure she isn't doing anything inappropriate and her assertion of work-relatedness is supportable").



9 votes
Idea No. 57