David H. Lipman <DLipman~nospam~@verizon.net> wrote:
> From: "Colin B." <cbigam@somewhereelse.nucleus.com>
>
>
> |
> | This is a self-fulfilling prophecy. If you don't think you can trust
> | your users, then eventually all of the ones you CAN trust will leave
> | in disgust for jobs where they're treated like grown-ups.
>
> Grownups who violate corporate policies on the use of company provided equipment SHOULD quit
> or be fired.

That was actually my point, in a roundabout way. Policy is usually a
better solution that technical means. If you say, "No iTunes on company
machines" then if someone installs iTunes, you discipline them, up to
and including firing if appropriate. No need to waste cycles trying to
add handcuffs. Applying software or network blocks is pretty much a big
message saying, "we don't trust you to follow the rules." It takes time,
effort, money, and creates a hostile environment. As often as not, it
also interferes with people's actual work.

To the OP, I don't really recommend any technical solutions (although here
are a few options: Block all MP3s on the wire, remove admin privileges
from users for their workstations so they can't install software, block
traffic by port number or destination, and so on) because I don't think
that it's a predominantly technical problem. You're trying to direct
behaviour with technical means, and behaviour is almost always better
managed with policy.

Not trying to judge you here, just suggesting that it's not the right
solution for your problem.

Colin