A developers expectation with regards to Internet access

Question

I work in what is effectively a large corporate - I say effectively since the company I work for is relatively small, but depends upon the network infrastructure of a larger parent company. Recently due to reasons I won't go into, the parent company who provides our Internet access decided to restrict Internet access in a blanket fashion, and access to blocked sites is now considered on a case-per-case basis (the criterion being that the site should be work-related).

Personally I feel that professional developers should have unlimited access to the Internet, and I want to get some kind of idea about what kind of liberties other developers' employers afford them in this regard.

As an example, I recently requested access to http://www.rememberthemilk.com/ and although access was granted, it was done so begrudgingly and I have been asked to provide a more convincing reason as to why I need it, given that the Outlook task manager is available. This has put a poor taste in my mouth, and I've likened this to being forced to use IE over another browser (another company policy that I won't go in to).

What do other developers expect/have access to?

Answer 1

I personally refuse to work anywhere where programmers are treated as children. I'm there to do a job that requires a good amount of skill, and if they can't trust me to do that without treating me like a kindergartener, they don't deserve my attention.

Edit: Also, I find this essay from Paul Graham to be highly appropriate: The Other Half of "Artists Ship".

Answer 2

Add it to your list of annoyances. When the annoyances get larger than your salary, move on. Given the amount of time wasted surfing the internet these days, though, I suspect that you'll see more and more of this happening. Hope you can still get to StackOverflow.

EDIT: Actually, I think the thing that would bother me most is not the actual blocking. I could understand that, but the "you've got to defend yourself" attitude. I hope that it only applies to this and not requests for reasonable, legitimate resources (like an extra monitor, training, buying books). People -- including developers -- should have the ability to use the tools that make them effective. As long as using the tools isn't disruptive to the whole team, you should have wide latitude. It would probably be best if you shared a bug tracking system rather than each having his own, for instance.

Answer 3

Nothing less than unrestricted access will do.

I've lost count of the number of times i've found the solution to a problem I am working on tucked away on a blog somewhere (particularly working with emerging technologies). Having to request and wait for access to get each of these solutions would have been a HUGE dent in productivity.

I can understand companies restricting on a blacklist basis for e.g. facebook, youtube but a whitelist blanket approach just isn't workable for what we do

Answer 4

Depends upon the data you have access to. If you can access financial data (credit card), then PCI-DSS will require you to not be able to access the internet freely. It is a pain, but there are reasons. There should be a good process for getting access to certain sites, but the best option is to make sure developers are segregated from production data, then there is no reason to block sites other than having a "big brother" approach.

Answer 5

I would fight back by a) Requesting access to every site I could think of, I could probably come up with a good hundred or so programming related sites and blogs i have visited semi recently given the time and motivation to do so b) Blaming any blown deadlines on the retarded policy.

The person who decided to do that does not understand the needs of programmers. You cannot code in a bubble by yourself and expect to be in any way efficient.

Either fight back or quit, those are unacceptable working conditions.

Answer 6

We're restricted by serious content but otherwise pretty much everything is unlimited. I use stackoverflow to find answers to problems I have, so I think the use of the Internet should be encouraged as it actually aids in the work process.

EDIT: Facebook is actually blocked too, but I can see that it can just drain your time at work as people get addicted to stuff like that.

Answer 7

We have unrestricted access, but of course you need common sense. So if you are going to download illegal or x-rated stuff, you are into big trouble.

Answer 8

For the people who decide such policies, the Internet is one large blob of evil, uncertainty and fear. Also, since many of them think of the "Internet" in terms of pr0n sites, Facebook, etc (i.e. "fun" sites), they see no reason why someone should spend any amount of time there.

Here are some arguments:

• I spend a lot of time on StackOverflow answering questions. This helps me improve my skills to explain things.
• I use Google a lot because I don't want to burden myself with knowing everything all the time. Instead, I hone my skills to find the information I need when I need it. This makes me more effective but it means that I must be able to access any site that Google might return.
• I am a fast reader. So when I open 30 different URLs, that doesn't mean I spend half an hour on each of them. In all places I've worked so far, I was under the top 10 downloaders (both URLs and bytes), more often than not even #1.
• I constantly monitor various blogs and information sources for new ideas to improve myself, I learn a new programming language every year (sometimes more). This makes me a better programmer - every day. I can't do that when I can only see a tiny bit of the Internet.
• When I'm working on a problem, I'm in the flow. I ignore anything when in the flow. So if you fear that I waste my time on the Internet, how about making sure that I have enough interesting work on my plate?
• You can find a really huge OSS mirror on http://mirrors.playboy.com/. The mirror is one of the biggest and fastest in the world. Browsing such an URL doesn't mean I'm doing anything which my contract doesn't cover.
• And the devils answer: The new insane policy on the virus scanner has made build times go through the roof. What am I expected to do while it's fighting my Java compiler for CPU time? Stare holes in the walls? Let's get this straight. My work is what the revenue stream of this company is based on. So you get money every month because of my work. Therefore, I'd suggest that you start moving obstacles out of my way. Otherwise, I might leave and you're next.

Answer 9

I think it's possible to work within this type of restriction as long as the assumption is that the developer, ie you, knows what sites are appropriate.

The proxy here throws up a message along the lines of 'this site seems offensive, are you sure you want to proceed? Your access will be logged' which reminds you you're being monitored but doesn't treat you like a child and assumes you know what sites you need access to in order to do your job.

Answer 10

The problem with 'unlimited' internet access is that there's always some idiot that spoils things for everyone else by loading up on viruses or some other malware from some dodgy site or torrent.

To be honest if you work for a large corp then you have to expect this kind of thing. I've worked as a dev for a couple of UK banks and because of regulatory compliance our internet access was pretty limited and rightly so.

I'd also say that complaining about being made to use the company provided tools such as outlook is just tough love. The computers, software and internet access belong to them, not you. We use some tools where I work that I'm not a huge fan of, but at the end of the day the tools still let me get the work done according to company standards and that's what the rest of the team uses. I suck it up because it's a trade off with the rest of the job which is ace and well paid.

I'd also have to ask why you're using an external unvetted service to store your work related task list, if that's what you're doing. That's a no-no in our book, work stuff stays in work apps/data stores, period.

And you know, if it's so bad, why not do what a lot of my buddies do. Take a laptop/netbook with a GPRS/3G modem to work and do your surfing on that.

Answer 11

I certainly agree that unrestricted access is to be desired.

However there are situations where this can not be achieved, sadly. I find myself being denied access to certian content deemed a general security risk. Like many others, I work for a large corporation, and without going into detail, there are certain security risks theese large corporations will not take. Some of theese are silly from a programer standpoint, but when one tiny slip-up from any one of several thousands of employees could result in a security breach and potentially result in tens of thousands of customers not getting the services they expect, and indeed pay for, this is a situation we simply have to accept.

So for those of us working for large private corporations, state or government organs, military, banks or the like, unrestricted internet acess is sadly an unrealistic demand. We'll just have to learn to live with it, or if we can get a job for a smaller employer.

This however does not mean we can't try to reverse some of the policies when restricted access to safe content is keeping us from doing our job to the best of our abilities. After all... that's why we're there in the first place.

Answer 12

I am fortunate enough for unrestricted access. However, I don't browse anything that would be questionable should someone peek over my shoulder.

The point I would like to bring up is speed. We have a DSL connection and it is slow enough that it sometimes takes a page a minute or so to load. This sort of gets in the way of things when you are trying to look something up quickly.

Answer 13

To me there are acceptable and unacceptable things to block.

Acceptable:

• Adult sites;
• Gambling sites;
• Facebook/Myspace/etc;
• etc.

Also, internet should be fast. If I can't download a file from springsource.org at at least 200k/second the company is wasting my time and their money while I sit around and wait for downloads.

I think unfettered access on a corporate network is unrealistic and unjustifiable. Companies need to protect themselves against lawsuits (and someone having a racy screensaver they downloaded on the corporate network can be viewed litigiously as being an environment permissive of sexual harassment). But any such system should be exclusionary not the other way around (in that everything is allowed except what isn't rather than what you have, which is nothing is allowed except what is).

I worked at acompany that had pretty stupid policies like they blocked any site with 'mp3' in it (even though those characters can and do appear in MD5 hashes sometimes used as IDs so those got randomly blocked) and, what's worse, anything with 'blog' in it. Seriously, blogs are extremely important to developers looking for answers to problems.

Now like your situation they would approve exceptions on a case by case basis (and the HR manager took personal responsibility for this!) but it was ridiculous. When you need an answer, you need an answer.

In the end we just used ssh tunnelling to bypass the proxy. Problem solved (and, due to oddities in our network config, it was faster too even though I tunnelled through my home ADSL router).

You may think I'm going overboard but I honestly would consider walking from such an environment. Things are almost certainly going to get worse. It's such a red flag for an organisation that is in the death throes of bureaucratic and political suffocation.

But if you're determined to keep your job and want to avoid justifying why sites should be allowed (I would) I'd use ssh tunnelling (if possible).

Answer 14

Why don't you suggest that instead of blocking everything and getting permission to unblock sites they unblock everything and then only block specific non-work/time-sink sites. They should be able to identify these from their logs (facebook and myspace will pop up, I'm certain).

If they won't go for this, just request access to every site you need that you find blocked, keep a count of how often you have to make a request, and bring it up periodically with your line manager as an impediment to your productivity. All of this may make no difference of course - the difficulty of getting a corporate policy changed increases in relation to the size of the corporate. In which case you just have to decide whether you're going to put up with it, or find a job somewhere else.

Answer 15

As a developer I expect access to certain resources when I negotiate for my contract, one of those is reasonable access to the internet (I say reasonable because if I'm caught surfing porn sites or wasting time on Facebook then sure I'd expect to be reprimanded or fired. Reasonable is a negotiated term in most cases). If I have a legitimate reason for using/referencing a site then I expect unrestricted access to that site - without having to jump through hoops to get access to that site.

Given that a lot of the information I search for is undocumented nuances of "features" and workarounds in .NET, quite often I'll find the information on some obscure blog, community or newsgroup post which I might not have access to otherwise.

Aside from internet access, I also expect to have room in my cubicle for a decent selection of my library - if not a bookcase for the whole thing. In an ideal world, I don't want a phone on my desk - if people need to talk to me, they can come and talk to me. If they've gotta make the effort to come and do that, they're more likely to find solutions to problems on their own instead of coming and pestering me for answers and if they made the effort to come and find and talk it me, helping them find a solution is the least I can do... but that's another topic entirely.

Answer 16

One solution is to have a handful of shared workstations dedicated to web browsing, and shared between all the developers in a lab.

A company I used to work for did this, though they spoiled it with some silly mistakes:

• Having a shared login, so although it was logged, they didn't know who had been to what sites
• Giving a handful of developers web access on their own workstations, so the remainder became jealous and also kept requesting it.
• Not locking the machine down, so anyone could install software on the shared machine, inevitably breaking it (admittedly this is a hard problem, but requiring individual logins would have discouraged it.)
• Using an external blacklist, so querying it for each URI delayed page loading by about 2 seconds.
• No additional virus scanning. The hard drive was checked, but USB flash drives weren't.

Answer 17

You work for a corporation and misunderstand your place. You are a cog in a machine. If you cannot adapt to the strictures of your client/employer, you will find that both you and your employer will be dissatisfied (and everyone - especially you - can be readily replaced).

There are usually reasons for forcing workers to comply with rules. You may think it's silly for restricting access to sites, but given the insecurity of the internet, are you willing to pay the price for a security breach? Just because you are a programmer does not mean you won't be tricked by a malicious site or fall prey to attacks. And when the incident occurs, do you think your annual salary even begins to cover the cost of recovery?

There are browser specific attacks as well - while IE is the most highly targeted because it is the most widely used, do you think your corporation should have to pay for extra IT staff and expertise, just so you can use the browser of your choice?

Having said all that, the way to get what you want is to provide a business case for the consequences of the policy change. If you want Firefox supported - demonstrate how it will make money or save money - and make sure you think through all the consequences, because I'm pretty sure that in most scenarios the company will have considered things better than you. If you want unlimited internet access, demonstrate why it is necessary and how you will protect the company assets.

Learn you place boy (read with Southern accent from Cool Hand Luke).

When you have your own company, you can make the decisions, until then, adapt to your given environment and make the most of it. Do continue to make suggestions for improvements, but know that there are a lot of people smarter and more experienced than you.

@those artistes who won't work for someone because [put reason here]...

see you at the bread lines...

Answer 18

Where I work, every link is monitored by WebSense and some are filtered and others blocked. It seems like a logical point in many ways for me. If I'm going on-line to do something, I don't mind it being recorded as I am using company resources, just like I'd expect some phone calls to be taped or meeting room meetings to be taped from time to time.

Sites being blocked may be more of a good thing since this prevents some stupidity like the gambling or porn sites that may pop up if things aren't monitored. So, I don't expect unlimited access, though I do like having some freedom and if my job performance is good then this shouldn't be discussed at length, whereas if my performance drops I could see having it cut back in that case.