Gmail blocked at work because of "viruses" - reasonable?

[bowiac]

So I'm a lawyer at a firm that has recently announced they will be blocking Gmail and other webmail effective December 1. The reason given is that "Webmail has become the main vector for introducing viruses into our network."
 
As the attorneys here work on a billable hour basis, "time theft" isn't really a salient concept. With that in mind, before I go round the office screaming "Attica!', I was hoping I could get some IT people to weigh in on whether our IT people have gone nuts. Is this really a plausible/reasonable story they're telling us, or is this some crazy nonsense?

 

[AlNipper49]

yeah.  blocking personal email accounts and USB drives is pretty much a no-brainer if you're interested in security.  It's not that those methods are inherently insecure, it's just that they're easy tool to exploit folks.  
 
in addition to virus, blocking ways to easily export data theft is also important.  

 

[NortheasternPJ]

No they aren't. Web mail is a huge attack vector for infecting networks. I'm working with a health care company now that just did this for that very reason last week.
 
There are ways to help mitigate that risk and keep it open, but you need some infrastructure in place that can do things like SSL decryption to inspect for viruses etc. A good number of organizations will turn it off. I wouldn't say its a majority but its not uncommon.
 
Why not just use gmail on your iPhone / Android and call it a day? 

 

[NortheasternPJ]

yeah.  blocking personal email accounts and USB drives is pretty much a no-brainer if you're interested in security.  It's not that those methods are inherently insecure, it's just that they're easy tool to exploit folks.  
 
in addition to virus, blocking ways to easily export data theft is also important.  

 
Another good point. I do see a lot of organizations making it read only as well. 

 

[glennhoffmania]

I haven't been able to access personal email on my work computers for years.  But what's the big deal since everyone has a smart phone?

 

[zenter]

So I'm a lawyer at a firm that has recently announced they will be blocking Gmail and other webmail effective December 1. The reason given is that "Webmail has become the main vector for introducing viruses into our network."
 
As the attorneys here work on a billable hour basis, "time theft" isn't really a salient concept. With that in mind, before I go round the office screaming "Attica!', I was hoping I could get some IT people to weigh in on whether our IT people have gone nuts. Is this really a plausible/reasonable story they're telling us, or is this some crazy nonsense?

 
Definitely, webmail services are probably at or near the top of virus vectors. IT runs virus checkers on everything on the mail server, which they cannot on webmail, which is a veritable smallpox blanket for secure networks. I cannot vegin to count the number of idiots at my last company of luddites downloaded and forwarded things without vetting them. Hell, they liked auto-loading images without knowing the source. Idiots.

 

[lostjumper]

We are blocking outside e-mail at my healthcare facility starting December 1 as well. We can scan and block e-mail that comes through our e-mail system, but we can't on personal accounts. Something our CIO sent out the other day: "National security review and analysis suggests that over 95% of the time an email attack occurs it stems from an individual clicking on an embedded link in an email.   On average 1 out of every 10 individual who receives an email that contains a malicious link actually clicks on that link and causes an infection or problem of some sort."

 

[steeplechase3k]

I'll 3rd, 4th or whatever that it is common.
 
I work IT for a market research company and we just recently set up web filtering that blocks webmail and other file sharing web apps. Some people aren't happy about it but various audits that are required for some major clients (healthcare and government mostly) require it.
 
We don't prevent use of thumb drives though, they just have to be encrypted when you plug them in.  If you say no to encryption you can still access it but it is read only.

 

[bowiac]

I haven't been able to access personal email on my work computers for years.  But what's the big deal since everyone has a smart phone?

The concern is composing email from a phone isn't very convenient. Similarly, we're losing access to GChat, which is my primary means to staying in touch with friends/family, etc... Obviously that's a bit of time suck, but that's not really salient in this job.

 

[glennhoffmania]

The concern is composing email from a phone isn't very convenient. Similarly, we're losing access to GChat, which is my primary means to staying in touch with friends/family, etc... Obviously that's a bit of time suck, but that's not really salient in this job.

 
Hey I'm with you.  When I was first told that I wouldn't have access at work I was pissed.  It definitely makes things less convenient.  But at least you can use your gmail on your phone instead of being totally out of the loop during work hours.  Another option is that I see some people bring a tablet to work and use the wifi to do their personal shit during the day.  My boss watches soccer games all afternoon sometimes on his iPad.

 

[OCST]

I work at a small law firm, and many of our clients, and a surprising number of opposing counsel and others that we deal with often ( architects, engineers, etc.) use gmail, yahoo, aol, etc. a total block isn't feasible (we have missed some important stuff) but we've been fucked by viruses too. Our IT guy is always screwing around with the filters, etc. and it's a problem.