OT Security Question OT

[jpalteri]

I rarely come to this security list so any who reply to this message,
please respond to my EMail account : LARS...@StebbinsEng.Com

Our inquiry has to do with Corporate Employee InterNet Access Policies.

We are actively soliciting examples of already in-place policies used by
businesses throughout corporate USA and Canada.

If you are free to send us the Corporate InterNet Access Policy in place
in THEIR business, please send it to the Email address above.

In the mean time, we have been told that people charged with the
responsibility of InterNet Security Office for NEWLY established
dedicated connections to the InterNet have been implementing a very
simple and straight forward policy which starts out by denying ANY
access to ANY site by ANY employee in the company and then tells them
that if they wish to have access to particular sites, they can contact
via EMail, the Security Officer with the address of the page they need
to access FOR WORK purposes.

These sites are approved on a per person and per site basis.

The policy takes up less than a page to lay out as it does not need to
define "sexual content" or "abusive language" and other subjective
terms.

I would appreciate any respectfully submitted comments on this approach
of dealing with corporate employees accessing the internet while at
work.

Sincerely
Allan Smith