In this second post I want to put forward some of the benefits, again as I see it, of why we should spy.

So, without further ado:

Regulatory Issues.

I mentioned in the last post that I won’t enter into a ‘legal or not‘ debate here (happy to discuss the morality and ethics though) as they vary widely from country to country – but in my experience and in my reading up on the matter it  would appear that courts generally rule in favor of the employer in a vast majority of cases regarding workplace privacy.

What does this tell me? That the law makers and the governments believe it is right to filter / monitor. It follows then, that as we are meant to be guided by the bible that we should adhere to the ruling practices of our country.

Meet Legal Obligations.

In a similar vein to above, does your country require data to be kept? Do you need to be able to retrieve emails from 2 years ago if so ordered by a court? What about your telephone logs if using VOIP? By filtering / monitoring / logging, and here we are looking at more than just internet usage, you can ensure you meet your country’s requirements.

Investigate claims of abuse

This also could have legal ramifications – but equally could just be a matter of morality especially within a church setup. However, the problem of employees using the internet inappropriately puts you in the same boat as every other company. Put it another way – you’d be foolish to believe your workplace is exempt.

It is becoming an increasing problem – employees abusing their internet privileges by chatting with friends, trading (stocks, ebay, etc), shopping, watching TV or films, and much more.  In short it’s a loss of productivity that you, the employer, are paying for. In the case of a church it is ultimately the members that pay.

Increase productivity.

Conversely, by monitoring / controlling your employees access you should increase their productivity. Which simply means (in business terms) increased profits. In church terms in means better stewardship of your resources or doing more for less. It is estimated that approx 75m of every day is used for non-business related activity for each member of staff.  Based on a figure of (I believe) £14ph average pay in the UK then that equates to an annual loss of £3,640 per employee! I don’t know about your church but that’s a huge figure here.

Stop confidential material from’walking’.

This comes back to the trust issue.

Sure, we can get staff Criminal Records Bureau (CRB) checked, but even that is not 100% foolproof. But what if you decide you don’t need that – as it has a set cost per employee in the UK to undergo – what guarantees do you have of any security or peace of mind? What about the data you no doubt keep on the church members and visitors? Are you registered with the Data Protection Register? If not, in the UK, it’s a criminal offence and who suffers – the guy at the top which in this case is the pastor.

The greatest assets in any company is the data contained within it – that applies equally to any church. You need to ensure it is protected and you need to do your best to ensure it doesn’t get leaked to third-parties. Part of this comes from correct access rights within your network but equally controlling what gets out of your network.

So, what else in a nutshell could we say?

How about some bullet points of reasons to monitor?

• A computer and its internet connections is church property.
• Increase your employee productivity.
• Staff not doing their job lowers morale.
• Stop confidential matters from leaving the church unintentionally.
• Protect the church from lawsuits for sexual harassment, defamation, illegal activity, etc.
• Ease maintenance and management of systems.
• Reduce troubleshooting within your network and applications.
• Reduce bandwidth usage.
• Allows you to conduct employee investigations.

Now, don’t misunderstand me. Nothing is perfect and nothing is foolproof but by engaging in monitoring you reduce the liability or the accidental chance of someone doing something you never intended.

I also want to make it absolutely clear here that I am 100% against spying. Most products (certainly the ones aimed at non-business use) seem to espouse the idea that covert investigations are ok. On the contrary, they aren’t and never should be. I’m a huge fan of the ‘let’s discuss it approach’ as in let’s talk through the issues and the benefits / downsides and then if I opt to implement filtering / monitoring you are fully aware that this is the case and can have no grounds for complaint.

My proposed part three may take some more time to create as I investigate current offerings.

Those of you who read this blog regularly will know that I’m a wee bit passionate about protecting your own equipment and in helping guide your children down the path of healthy surfing and computer use. So you won’t be surprised to know that I’ve added a comment or two.

Today, the following comment was added:

I just don’t know about actively monitoring staff or employee computers. It seems like spying. I’ve always found that having everyone sign a computer and internet agreement policy and then locking down everything that wasn’t email or internet browsing through the router was plenty. There’s no reason to spend any amount of money or time installing monitoring software. It makes people feel like you don’t trust them and they don’t really work anyway. If you just have to see what your staff has been doing on the web most routers keep a log of every site visited and with what computer and at what time.

Well I was going to type up my reply on John’s blog but it started getting a little long, so instead I’m answering it here.

Initially I have to say that this approach by the commenter seems very narrow or naive. But please don’t get me wrong – I’m not trying to belittle the author of the comment but address the issues raised. It may be that they’ve never really thought through the process or indeed are just reacting to the idea of a big brother type approach.

My first response has to be that trusting the staff is not a good approach to good stewardship or our church resources – be that time, staff, kit, money, whatever. Let me put it this way. Do we really know everyone on staff that well that we can trust them 100% not to do something they shouldn’t? Secondly, I don’t see it (and nor do I promote it) as spying or monitoring usage but rather giving the user peace of mind if they inadvertently click on a dodgy link. And by dodgy I simply mean it could download malware, a virus, an advert to something unsavoury or even a disguised link to a site we wouldn’t want to be visiting.

The issue of trust is a strange one to bring up as a defence for not using control methods – as christians we shouldn’t judge our fellows but the bible (to my knowledge) doesn’t say we should trust everyone. There is a difference. Trust is earned, it is not a right. This goes equally for the pastor as it does for the children’s church worker who only uses the computer once a week. If anything, I would have to argue it applies even more to the pastor than others.

If there is software or hardware available to aid this process then we are acting unwise to not use it.

My second response in to spy or not is to ask what could happen if we don’t? I won’t attempt to address legal issues or ramifications in this post as they vary from country to country and possibly state to state in America. However general principles are likely to be the same. It is almost certain that as an employer (and because it’s a church it is unlikely to be excluded here) that there is some form of expectation on them to be able to identify criminal activity that originates from within their place of work.

Does your country require employers to maintain logs? Well then there’s another valid reason to “spy”.

The next issue to address, though not directly raised by the comment, is abuse. Abuse is also a very emotive word so let me clarify – by abuse I mean doing something on the computer issued by my employer that is not in line with their business. Let’s look at some statistics:

• Non-work related Internet surfing results in up to a 40% loss in productivity each year at American businesses. – Gartner Group
• 85.6% of employees use office email for personal reasons.
  - NFO Worldwide
• 70% of all web traffic to Internet pornography sites occurs during the work hours of 9am-5pm.
  - Sex Tracker
• 92% of online stock trading occurs from the workplace during work hours.
• 64% of employees have received politically incorrect or offensive emails at work.
  - Business Week
• 30% of American workers watch sports online while at work.
• 24% of American workers admit to shopping online while at work.
• Employees use company high-speed Internet access to visit sites such as Broadcast.com and MP3.com more frequently at work than they do at home because of the high-speed Internet access at work.
  -Nielsen Ratings
• 30 to 40% of Internet use in the workplace is not related to business.
  - IDC Research
• 37% of workers say they surf the Web constantly at work.
  - Vault.com
• People are spending more time surfing the Internet at work than they are at home, mainly because home Web connection speeds pale in comparison to the faster connections that companies give their employees.
  - ZDNet Interactive Investor, 2/18/00
• 77.7% of major U.S. companies keep tabs on employees by checking their e-mail, Internet, phone calls, computer files, or by videotaping them at work.
  - American Management Association
• 63% of companies monitor workers’ Internet connections and 47% store and review employee e-mail.
  - American Management Association
  27% of companies say that they’ve fired employees for misuse of office e-mail or Internet connections, and 65% report some disciplinary measure for those offenses.
  - American Management Association
• Misuse of the Internet among employees has become a major concern, especially within the last few years.
  - Computer-Monitoring.com

None of those really make for pretty reading.

Ok, so remove the pornography ones. Let’s say we trust our church staff that much; or should we?

• A 1996 Promise Keepers survey at one of their stadium events revealed that over 50% of the men in attendance were involved with pornography within one week of attending the event.
• 51% of pastors say cyber-porn is a possible temptation. 37% say it is a current struggle -
  Christianity Today, Leadership Survey, 12/2001.
• Over half of evangelical pastors admits viewing pornography last year.
• Roger Charman of Focus on the Family’s Pastoral Ministries reports that approximately 20 percent of the calls received on their Pastoral Care Line are for help with issues such as pornography and compulsive sexual behavior.
• In a 2000 Christianity Today survey, 33% of clergy admitted to having visited a sexually explicit Web site. Of those who had visited a porn site, 53% had visited such sites “a few times” in the past year, and 18% visit sexually explicit sites between a couple of times a month and more than once a week.
• 29% of born again adults in the U.S. feel it is morally acceptable to view movies with explicit sexual behavior
  - The Barna Group.
• 57% of pastors say that addiction to pornography is the most sexually damaging issue to their congregation
  - Christians and Sex Leadership Journal Survey, March 2005.

Sobering isn’t it?

If pastorscan suffer this, then how much more do we mere non-pastors suffer the same temptations? You could argue that most of your church staff are female so this wouldn’t apply … well think again as an ‘Internet Filter Review’ survey revealed that 10% of adults admit to surfing for porn and of that 10% over a quarter (28%) are female.

I’m hoping that you are all starting to see why I believe so passionately in filtering or guiding. We have to accept that we live in a flawed world and that we are also flawed – some of us more so than others. After all, we came to Christ recognising we were flawed.

In my next post (hopefully) I’ll cover some of the benefits of filtering so that if you need it, you can go off and comfortably debate the issue and be armed with good reasons why we should.

Emotive words like “spying” are good words to use for stopping us from implementing policies and methods to guide; so I’m hoping to provide you with good reasons to start ’spying’ – if the above hasn’t already convinced you. Maybe in another post I’ll cover some of the ways you could do this – and preferably for free. And with me, free doesn’t always mean just because it’s the cheapest.

I’ve been up all night – no not willingly as I’m at work and in 4hrs I’m attending a men’s breakfast. I’m going to try and get a decent enough seat so that I can stream the speaker live on ustream.

We have Mike Warnke over from the USA speaking – for those that don’t know Mike he was the number 1 christian comedian for a number of years. Anyway, he’s a good guy, funny and has a unique perspective on life.

Please feel free to stop by and watch my ustream – it’ll tweet when I go live but I’m not quite sure what the URL will be but you can try this one or just watch my twitter stream at about 10am UK time.

• Do you protect your data at home with passwords, encryption, etc?
• Do you use different passwords for different sites?
• Are you seen as the computer expert in your household?

Yes?

Then let me ask you one more question:

• How would your loved ones get to the important and necessary data if you suddenly die?

I know. That sounds brutal. But allow me to explain.

Last night I read a sometime old online friend’s account of the passing of a friend of hers and how all the accounts were securely locked with high strength passwords and encryption. The blog goes on to record their attempts at getting the data back and various strategies they employed to access the data.

Then just today I discovered that a school friend of mine passed away last September.

Both of those things set me to thinking how my family would cope if …? Fortunately I have a plan in place. Anyway, re-ask yourself my first set of questions. Now ask yourself, how would your family get to the data they need to continue living? Could they access online bank accounts? What about email accounts to inform friends and relatives of the news?

Can you see where I’m going with this?

What’s your plan?

Do you have one?

And yes, I know, any answer would go against all ingrained security advice I and many other professionals would give.

For my part, as hinted, I do have a plan. On my home PC I do use security. I have encryption and layers of passwords protecting various documents, etc which all control access to all of our financial data, policies, insurances, etc, etc …

Would my wife cope with being able to access that data without help? Would she access it even with help? The short answer is I doubt it very much because the standard passwords I utilise would require 100,00 machines and > 3½ Billion hours to crack according to the estimator over at Mandylion. By which time it is likely that the information is virtually useless to my wife.

So what do I do? I have a document I’ve created that details how to get to various accounts. Where and how the passwords are stored. Where and what passwords for what account and so on. This document is then securely located (should I be ultra paranoid and lodge it with my bank?) and a note within my will indicates where it is.

This, I trust, would allow my wife to gain access to anything she needed too. The document also allows me to detail other relevant items such as possible insurances she might be entitled to and so on.

So what about you… what’s your plan to allow your loved ones access to your data?

However, that’s a subject matter for another time and another post. What one can’t avoid, so it seems, is the need to have a technical certification. Companies seem to turn a blind eye to experience and especially recruiting agencies. I know for a fact that certain agencies in the UK use an automated scanner looking for keywords for certain roles – so your CV arrives and is never seen by a human until after it’s been vetted by a machine. This is life now and so if you’re wanting to get into the network field, then as  bare minimum you’d need to start with a Cisco Certified Network Associate (or CCNA) certification.

This one exam (or two depending on route taken) certification is seen as the ultimate “I know what I’m talking about” introduction cert to get into the network industry. For my part I have taken and I have passed my CCNA but only after I’d already got into the industry.

Other certifications you might consider for different career paths could be:

Microsoft Certified Server Administrator – MCSA

Linux Professional Institute – LPI

Certified Ethical Hacker – CEH

Security Certified Network Professional – SCNP

… and so on.

Anyway, the point is, the CCNA is a tough exam to pass. And it is one you will likely need help or at the very least encouragement with. For my part I’ve found two sites that are good at these things and both are run by current Cisco Certified Internetwork Expert (or CCIE) which is the pinnacle of the Cisco certification tree. The two are Chris Bryant, an American CCIE and Paul Browning, a UK based CCIE.

Maybe it is because I’m British but it is mostly because Paul has laid out his website in a structured manner that I would recommend his site over Chris’s. You know what they say, ‘you pays your money you takes your choice‘. Which reminds me, both of these sites are member sites and require you to pay for most of the information – but then if you are serious about your career then investing some of your money into your study is surely no bad thing.

Also, at the moment as a HUGE incentive, Paul is running a competition open to anyone that passes any CCNA level cert. So that’s CCNA, or Security or Voice exam between now and the end of April a flight to the UK with one week’s hotel stay and one week course for any CCNA level course of your choice.

Anyway, should you sign up to Paul’s site then please do me a favour and say I recommended his site to you. All you need to do is enter my name – Stuart Dyckhoff – in the ‘how did you hear about us‘ section when you sign up.

What’s in it for me? The possibility of some freebies.

Whats in it for you? Industry recognition and satisfaction in joining the elite few that have passed a Cisco exam.

Here’s one I’ve managed to miss before – so many things, so little time …

Anyway, regular readers will know that I’m a fan of keeping my children safe online and by extension all children.

I’ve long been an advocate of everything and anything that helps to promote the safety of children and not just online. Anyway, it would appear that InSafe host an annual “Safer Internet Day” and this years theme is:

Think B4 U Post!

I agree.

So what is SID? In their own words:

Safer Internet Day is organised by Insafe each year in February to promote safer and more responsible use of online technology and mobile phones, especially amongst children and young people across the world. The topic for 2010 is “Think B4 U post!“.

To read more, simply click on the image above.

And by the way, it’s today!

I forget at times just how easy it is to do things and it’s usually when my wife asks “how do you…” that I realise I’ve been glib or dismissive in trying to pass on knowledge.

So today I bring you 4 ways to create a PDF.

1. Buy an application. Honest, this is probably the expected way and there are many, many options here. From the original Adobe PDF (not the reader) to CutePDF to Foxit … well, google’s your friend.
2. My preferred method is to use Adobe’s InDesign and it’s built-in export to PDF
3. For a free method create it in wordpad (it’s a free cutdown version of word included with every Windows PC) and print to it using a PDF printer driver such as the one from PrimoPDF. Once installed you treat it like any printer except it outputs to a physical file on your computer.
4. Finally, another way is to use an online convertor such as the one at FreePDFConvert.

There are pro’s and cons to each of the above methods with the first two having the major con of cost, whereas the later two have issues of security or restriction in what you can convert or create in the first place.

Why you’d want to create a PDF is an entire new set of reasons that I’ll leave to your imaginations.

I just wish I could afford to play with some of their paid for tools as they look ultra cool and ultra geeky. That suits me just fine.

The latest free tool to their stable is the “Network Config Generator“.

It looks like it could be a really useful tool to anyone who has a dislike of configuring network devices. There appears to be little restriction on what type of network devices that can be configured by it from firewalls to routers to switches so long as they have a CLI style access.

You can create your own configurations or you can utilise a template. The tool comes with a few templates already built in and more accessible via Thwack (solarwinds forum / resource site) and they are likely wanting to rely on the massed ranks of network engineers to supply more – and I’m certain that will happen.

I haven’t had a chance to play with it yet myself as it requires a live connection to a device and I don’t have any to hand.

Anyway, check it out if you need it and let me know how you get on.