Thomas Nolle
Early this year, a CIO received complaints from end users at corporate headquarters about the performance of some key applications. A review by the network operations group showed that LAN traffic had been mounting for about four months, reaching a level nearly double the previous norm. Internet traffic also had increased significantly.
It took several weeks to configure management tools to uncover the problem, which turned out to be a group of workers downloading songs and videos and burning them onto CD-ROMs and DVDs. The workers even set up an internal peer-network sharing system to distribute their finds to others. This activity accounted for 25 per cent of headquarters’ LAN traffic and one third of Internet traffic during some periods. At no time were more than 20 employees involved, in a facility that housed more than 500 workers, but it was enough to cripple some applications.
Most employers are more concerned about the loss of worker productivity involved with personal Web use than with the traffic that use generates. In 2000, only about 10 per cent of companies told me they believed workers’ personal Internet use affected their networks, and none indicated that this traffic caused application problems. In 2003, I estimate that about one quarter of all corporate networks are affected by recreational Web surfing, with the fastest-growing source of traffic the downloading of songs and movies. If store-for-play video becomes widely distributed on the Internet, companies could face downloads of gigabytes of material from each viewer and a run on DVD media to store the files. The effect on network performance could be staggering.
The content craze has reignited the old debates on how to deal with workers who’d rather play games, surf the Web or download content than do their job. “Theft of time,” as some personnel directors call these diversions, is usually a subject of a company policy, but content downloading presents a special problem because the worker often starts a download and then goes on with the job. The network is affected, but not worker performance. Restricting access to the Internet for some or all workers has been only moderately effective in stemming the problem, according to most users with whom I’ve spoken. This occurs because Internet use is a requirement for more types of jobs today than even three years ago.
Probably the best way to deal with content-induced network performance problems is careful traffic monitoring and analysis. Many network management systems and network performance monitors can provide per-client traffic histograms that can help spot sharp increases in network use. The reports can be routed to line department management, who can then determine if there’s a work-related reason for the inquiry. If there isn’t, an interview with the employee is indicated. All of this can be done without actively snooping on employee traffic. Worker rights vary from region to region, but it’s bad policy to presume guilt.
Speaking of rights, there could be more at stake than network performance. Software vendors and industry associations are taking legal action against companies that promote or condone illegal copying of software. In addition, recent actions by organizations such as the Recording Industry Association of America make it clear that the music and movie industries aren’t going to take “sharing” of copyrighted material lying down. Companies without a reasonable policy to prevent employees from copying movies or music might end up being sued.
“Reasonable policy” is the key here. Employers should establish firm rules for what can and cannot be done at work, and then use network traffic monitoring to help identify who might be breaking the rules. Take steps to curtail content downloading on an individual case basis, when traffic patterns make it clear that something is happening. It takes time to publish a new policy and educate workers. Start now, and save a lot of headaches when content delivery becomes widespread – which is likely to happen in 2004.
Nolle is president of CIMI Corp., a technology assessment firm in Voorhees, N.J. He can be reached at [email protected].
