For a www skimmer like me, it is extremely painful to have all these restrictions imposed by powers that be.
Access to external mails like gmail, yahoo is barred. Access to google spreadsheets, documents is barred. Online files storage is not allowed. If you think entertainment sites should be banned, then yes, all the film sites are barred, but surprisingly cricinfo doesn't fall in that category. Trading sites are banned. Of course Orkut is banned, but I have no sympathy for orkut-addicts.
Yes, there is some advantage in banning non-work relevant sites, but such restrictions should be kept at a minimum. There is lot that I have learnt through now-restricted sites - after all labnol, a very popular and informative technology site was operating under the blogspot domain for a long time. So many of the technology blogs are on blogspot.
I have always struggled when sending 10 MB plus files. God knows where the company file server is and how many approvals you need to take to upload your project files there (I still haven't gone there)? So, why can't we use one of the thousands free file storages for an occasional file transfer?
Google spreadsheets can make such fantastic issue trackers, contact information stores where employees located globally can access and update. Informal use of such tools - preparing party list, taking votes etc. should definitely be encouraged. And I have also found my knowledge of movies (courtesy the banned rotten tomatoes and IMDB) useful in holding conversations with client (it is a DEFINITE part of the job - small talk)
If you get stuck behind the privacy norms and regulations, then things will never get done. Afterall, no innovation came out of a status quo. I am sure if you think out of the box, then you will find the most realistic solution around using external applications for official purposes. I am also not proposing putting confidential information up on the web. At the same time, it is easy to abuse the concern over privacy by implementing draconian restrictions, that ensures that nothing is done safely and securely.
Owing to such restrictions, even IT junta is generally so unaware about the not-so-latest technical advances like tag clouds, RSS feeds, AJAX, podcasts and mashups.
For me, some blogs are a daily must-consumes. So, what do I do, I use the remote machine. It just one more hurdle that I cross. Many people use proxies to view social networking sites like orkut or facebook. Youtube is banned, so someone(one client lan where no such restrictions exist) downloads it as flvs and circulates huge video files through email. So, problem solved? No, just transformed.
Similar kind of ignorance pervades in defaulting access on workstations to user level (rather than admin). No USB drives are enabled, no CDs are allowed, no software can be downloaded and installed. How many times have you stopped people from installing and exploring new tools, and advancing their knowledge. How many times have you stopped free exchange of information, thereby having to endure a bunch of slightly more ignorant software engineers?
The threat of viruses would have been valid if not for the expensive anti-virus and survelliance bots installed on machines. There are just too many productivity aids out there that you can install and do your tasks much quicker and better. A central authority censoring what comes into the system is vastly shackled by its ignorance, lack of understanding and of course time. And of course, absolute power corrupts absolutely. So, the propensity is towards adding more restrictions rather than relaxing them.
Filtering everything out and then allowing access to a few random things is a wrong way to go about it. The approach should be to have no filters in the first place. If certain sites and tools are causing a nuisance, and if certain hotspots crop up in certain permission-types, then you can choose to modify them.
But first, you need to treat your employees like adults.