Internet filters – they’re extremely common in today’s office environments, and overwhelmingly viewed as a pain in the ass by employees. When I recently started working for a company that employs a strict filter, I started doing some research. As I dug into the issue, I found that the questions I was asking surfaced again and again on forums, web-sites, and in casual conversation on the subject. The most common questions are:
1. What is an internet filter?
2. Why do employers use internet filters?
3. Can internet filters be bypassed?
4. Should internet filters be bypassed?
The first three questions are relatively easy to address. The third one, however, is a tricky one. Depending on your situation and your position in your company, the answer may vary significantly. I’ll tell you what I think, and let you make up your mind for yourself. Whatever you choose to do, don’t come crying to me if you get into trouble.
1. What is an internet filter?
In simple terms, an internet filter is a means by which computer users are blocked from accessing certain web sites. These filters are usually software-based, and can be configured to be relatively unconfining, or to be very strict. Parents may be familiar with filters designed to keep children from viewing objectionable content on a home computer, such as Net Nanny or CyberSitter. Corporate filters are very similar to these products, but are typically deployed for an entire network, rather than on a single PC. SurfControl and Barracuda are two popular filtering products in corporate environments. The filter used by my employer prohibits me from accessing almost any non-work related web sites, including web-based email, social networking sites, and news sites.
2. Why do employers use internet filters?
Whether we, as employees, like it or not, there are a lot of good reasons for filtering internet traffic. Many companies cite productivity as their primary reason for filtering. The theory is that employees without access to the internet will spend more time focused on the work that they’re being paid for. I’m sure that there are situations where this is the case, but to me, this is the flimsiest of the common arguments. For one thing, as this article will explain, a determined employee can find their way around most internet filters. Second, in my experience, every job has downtime – the places I’ve worked that recognize this downtime and allow employees to enjoy a few minutes reading the news or checking their email will end up with happier and more productive employees. So long as the work is getting done, it’s in the best interests of an employer to look after the morale of their employees. Enlightened companies like Best Buy and IBM know this. Others may never come around – face it, some companies will always filter users.
A second common argument for filtering, and one that actually has a lot of credibility, is network security. The internet is just chock-full of nasty bugs. Viruses, worms, and Trojan horses travel at warp speed around the internet, and hide in some places that seem safe. Of course network-level virus protection will catch most of these bugs, new ones are being developed faster than they can be countered. In a business environment, where downtime due to a virus means serious money lost, strict filtering is the most secure way to protect a network.
3. Can internet filters be bypassed?
In two words – almost always. There are lots of ways to bypass corporate internet filtering. Some of them are safer than others, both for your corporate network and for your future employment. Here are the two simplest methods:
Anonymous Proxy Servers:
Anonymous proxy servers are web pages that can be used to access other web pages. There are a lot of free proxy pages out there. As an example, say I want to use a web proxy at work to check the score for last night’s game on espn.com. I need a list of proxy pages to try and access. Using google, which is available to me at work, I search for “free anonymous web proxy,” and write down the web addresses for six or seven of the resulting pages. Then I try to access each of these addresses. Most of them are caught by my filter, but as soon as I find one that works – say, www.youhide.com, I’m golden. On the youhide page, I’m given a web address bar. I enter espn.com, and youhide serves the page to me. My employer’s network only communicates with youhide.com, youhide communicates with espn, and passes the information to me. Sweet. Every week or two, my favorite proxy might get added to the filter list, but there are literally hundred out there, so change I can it up a little.
The Good:
• Simplicity itself – by simply accessing a single web page, and using no software at all, I’m given access to the whole web.
The Bad:
• Easy to get busted – this is a big one – it’s not going to take a security genius to figure out what you’ve done. Anyone in IT who looks at the server logs will see my visit to youhide.com. If they get curious, and decide to see what’s on that site, they’ll know what I’ve done immediately.
• Not secure – proxy servers are not a good choice for accessing email, internet banking, or any other site that requires a user name and a password. Because all of the information you submit needs to be passed through the proxy site, the owner of the proxy site can record all of your inputs, thereby gaining access to your accounts.
Remote Access Software
Remote access software is a much better option for those with a personal computer sitting at home. Popular among business travelers, this software allows users to access a home computer through a work computer over the internet – just as if they were sitting at their desk at home. A couple popular examples are gotomypc.com and logmein.com. Let’s use my example from above again. After checking the score at espn.com, I’m pleased to find that I’ve won a bet with my buddy, Sam. I need to email Sam to gloat, and to collect my cash. I can’t access my hotmail account from work, and I can’t use my work email account for personal matters like calling Sam unpleasant names. Enter, the remote access software.
Using the web-based access, I log onto my home computer using logmein.com. logmein.com is popular among our salesmen here at work, who use it from the road, so it’s not filtered. I use my home computer to write an email to Sam, reminding him that he owes me $20 and his first-born child, and send it off to him with my love. My home computer does all of the work, and the work machine only talks to logmein.com.
The Good:
• More Secure – both logmein.com and gotomypc.com are well established programs, with good reputations and wide use. While information is still passing through some intermediary software in this method, it’s much safer.
• Harder to get busted – a review of the server log will show only that you accessed a remote access service, and not what you did during that time. You may still draw some heat, but it’s easier to claim that you were doing work-related things that you, say, forgot on a flash drive plugged into your home pc. You can back this up by periodically emailing work-related documents to yourself at work from your home email account, if you think anyone’s likely to ask about it.
The Bad:
• Not foolproof. There are still means of nailing you to the wall. Some of these means are, perhaps, less ethical than bypassing the filters to begin with, as we’ll examine in the next section, but as the rule-breaker, you won’t have a leg to stand on.
4. Should internet filters be bypassed?
That’s a bit of a sticky wicket, really. I do choose to bypass the filters at work from time to time, and I do so knowing full-well that there may be consequences. Let’s look at both sides.
They’re there for a reason.
Whether we agree with the reasoning or not, your employer owns the network, and has every right to implement any sort of filtering solution that they want. No one uses filters without thinking about it.
You can get in trouble.
No matter how smart you are, and no matter how careful you are, you’re at a disadvantage. The computer belongs to your employer, the network belongs to the employer, and honestly, your time belongs to your employer. Clever means of bypassing filters have given rise to clever ways of busting you at it. Even if you use remote access software, essentially leaving very few footprints on your work network, there exist some pretty nefarious ways of monitoring your work. Some employers can call up screen-shots of your monitor any time they want, without your ever knowing. Other employers my use something called a keylogger to look at everything you’ve typed all day long. Either one of these rather distasteful practices would be able to uncover my email to Sam, and would provide perfectly legal grounds for dismissing me from my job. Unless you get really chummy with the guys in IT, there’s no single, reliable way of knowing whether your workplace uses these monitoring techniques.
The Verdict:
Ultimately, it’s up to you. This article will help you to bypass the filters at work if you so choose. For me, I think it’s okay once in a while, and I know that by accessing my home pc through logmein, I’m not putting the work network at risk. I treasure my ability to communicate with friends and keep up with current events. For me, it’s worth a little risk. If you use these solutions sparingly, and with care, you may be able to enjoy a little extra freedom for years to come.
