IT's 'Dirty Little Secrets' Are Out
Enforcing corporate IT rules might get a bit harder, thanks to a story in The Wall Street Journal.
In an article Monday entitled "Ten Things Your IT Department Won't Tell You," the Journal asked Web experts to find the top 10 secrets IT departments don't want employees to know. Here's the list.
1. How to send giant files.
2. How to use software that your company won't let you download.
3. How to visit Web sites your company blocks.
4. How to clear your tracks on your work laptop.
5. How to search for your work documents from home.
6. How to store work files online.
7. How to keep your privacy when using Web e-mail.
8. How to access your work e-mail remotely when your company won't spring for a Blackberry.
9. How to access your personal e-mail on your Blackberry.
10. How to look like you're working.
Comments (7)
Huh, as an ICT Director, most of those things I consider valuable tips for the staff I support; especially security and privacy if they use a cybercafe/wifi/etc. to access work documents/email. Sending huge files is often a valid requirement, and having a non-email way to do it makes everyone's lives easier.
Of course, I also go around installing Pidgin/gAIM, Skype, Firefox and Flock, and other such tools, so I'm probably not a good representation of the field.
Posted by J Camfield | August 1, 2007 2:00 PM
I agree completely that the sharing of large files is a huge issue for employees today. Smart people will always find a way to get the job done. If an organization does not offer an easy-to-use, secure means for the transfer of large files, end users will resort to other, less secure methods such as the online services mentioned.
This is a security compliance nightmare, particularly with the sharing of confidential files such as legal documents or medical records.
Free software is not the answer. I think the old adage, you get what you pay for, applies here. There are, of course, the potential security risks mentioned, but it goes beyond that. There is no standardization or control when users download the transfer mechanism of their choice. How do you track for compliance purposes?
Enterprises need to be educated on the new generation of secure file transfer technology that exists today. It is easy for employees to use, hence removing the temptation of using unsecure workaround file transfer methods. It is up to enterprises, not their employees, to find and implement a solution.
Posted by P Skokowski | August 1, 2007 4:15 PM
In today's IT landscape, worrying about what users do and do not know how to do is merely encouraging enterprising users to figure out how to get around the rules.
This top 10 list really highlights the need for corporate IT policies governing usage of such processes and devices as mentioned. Such policies, along with indoctrination at the executive level and below, provide a framework for disciplinary action.
I think we often spend too much time on blocking users and less time on trusting users. The end result is often a combination of malicious intent and worker ineffectiveness as those with the need to perform some of these actions are initially prohibited from doing so.
A well-designed IT corporate use policy should consider the different levels of users that exist in an organization. Any controls put in place should take those levels into account. Should a worker who uses a computer on the factory floor have internet access--probably not. Should a worker whose job is to perform product research have similar restrictions--probably not. Who is hurt more by restrictions that are more of a hindrance than a help--the firm.
Posted by Donny McCoy | August 2, 2007 3:13 PM
To all the high flying - I wanna surf YouTube at work, etc. ...
Don't forget one vital thing: you don't own the equipment you are abusing.
I am an IT guy and it is comforting to lock down the desktop as it is much more efficient for problem solving.
And, just to add to the fray, I didn't see the absolute best tool on the list to do all the above things and more (encrypted no less) and that is good ol' SSH (source shell) tunnels.
Not gonna explain how they work, but in a nutshell, use your home Internet connection and resources on your work computer.
Posted by Dale | August 2, 2007 4:30 PM
We had ftp set up for all our employees and customers for large files. Our company's welcome letter has info to access remote mail securely from any computer as well as RDP [remote desk protocol] steps for files. But the look like you're working: I never cared because it was always a feast or famine.
Posted by Beemer | August 2, 2007 11:29 PM
There is a common view that IT systems are slow, that we block video, streaming radio, large file downloads etc. with no regard to what the end user wants and of course everyone knows that we can do these things at home quickly and simply on our Cable or DSL connections.
But you may be interested to know that while cable and DSL may cost $20, $30 or $40 a month for enough bandwidth for a single person to do this all day long, business class Internet connections which guarantee availability, uptime and throughput are by comparison very expensive and used by many people.
An example might be in the U.S. a 1.5Mbit (similar to DSL download speed) may cost $500-700 a month. In Indonesia or South Africa for example that may cost $4,000-5,000 a month or more and these connections are all shared by an office full of people all wanting their slice of the pie.
Posted by Kean Millward | August 3, 2007 5:30 PM
I read the original article and I considered it irresponsible. Not because they were telling people how to get around IT rules, but because they underestimated the impact of breaking the rules.
Two key things they missed in my estimation:
1) It's not just your computer / information in danger. Once malicious software gets inside the firewall and is running with your security profile it can do anything you can do - that includes infecting the network, or finding confidential corporate information and destroying it or posting it to the internet.
2) At some companies intentionally breaking corporate IT policy can get you fired or at least formally reprimanded (which doesn't do wonders for that raise/promotion you wanted).
Bottom line, if IT policy is really colliding with your ability to get your job done, talk to them about it. In many cases exceptions are possible.
Posted by David Berg | August 4, 2007 9:12 AM