The Gubmint Versus Ebay
If you think it is really impossible for a government worker to be fired, you would be wrong. The Times Online reports that 9 British council (municipal) workers were dismissed for trading on E-Bay. The sacked workers called upon the government to save others from the same fate in the future.
Three were sacked and six resigned when they were confronted with the records of their online dealings by managers at Neath Port Talbot Council in South Wales. The six women and three men, who were earning up to £25,000 a year, were the worst offenders when IT experts investigated the amount of time that staff were spending on eBay.
After the dismissals union officials said that the employer had “put temptation in their way” by allowing computer access to external internet sites. They called on all large employers to install a firewall program to prevent staff from being distracted by sites such as eBay, BBC Online and those that provide gambling.
It will be interesting to see how British government employers do this. As many enterprises locate their critical applications online (for example, SalesForce.Com) you create the risk that some components may make calls to sites which the Firewall is not configured to admit. As Dave Linthicum at Computer World wrote, the line between corporate applications and the Internet is blurring:
The line is blurring between the enterprise and the Web. Mashups live on that porous perimeter, offering the reusability of an SOA plus very rapid development using prebuilt services outside the firewall. Soon, we may live in a world where it's difficult to tell where the enterprise stops and the Web begins. It's scary -- and exciting at the same time. ...
Even more complex applications are possible -- such as mashups that become sophisticated business processes, applications or sets of services in themselves. You can see where this is going: full-blown services, processes and composites that span from your new SOA to hundreds of Web-based services hosted by SaaS players, commercial Internet properties such as Google, and vertical market exchanges. ...
Mashup security is critical, considering that you're looking to leverage interfaces, content and services you neither created nor own. ... No one wants to discover that an innocent-looking AJAX mashup is actually sending customer data to some remote server and compromising the business. Care must be taken to implement security policies and technology layers that will protect the value of the mashup platform. This should mesh with your SOA security or become an extension to it.
I leave to the reader the question of whether the Neath Port Talbot Council can successfully manage its firewall in the long term, or whether, as I believe, it is looking at the wrong problem. Quite apart from the issues that Computerworld raises, the story seems to imply that the Council really does not know how to measure its employee's performance. If it had a reliable performance measure -- whether in terms of forms filled out or clients served -- the simple question would be whether these 9 employees were doing their job satisfactorily. If they were performing satisfactorily the question of whether they spent two hours on Ebay instead of staring at the desk surface -- which I take it would have been entirely satisfactory -- would be entirely irrelevant. But my guess is that the Council really has no way to measure how productive their employees are and must resort to ludicrous proxy measures as a substitute.