I was working as a network engineer/consultant for a managed service provider who, in my coverage area, provided contract-based support to small- and medium-sized businesses. Our top priorities were always security and integrity of data, and we worked with each client’s IT staff and/or leadership develop policies if they so desired. For one particular client, a policy was created by their own IT staff and then enforced using a web filter. This was all done with a sign-off by the client leadership. One day I was called into that client’s president’s office while I was onsite for a service call. This happened in 2006 or 2007, I believe.
Client: What is this IT policy that you created?
Me: It is a policy created by [the two people in charge of IT for their company].
Client: I don’t care who created it. Why do we have it?
Me: It’s to protect the network. To reduce viruses and overall increase productivity…
Client: (interrupting) We don’t need it. No one can #^&#ing tell me what I can and cannot do on my own computer. Not you and not [the two people in charge of IT]. If I want to #^&#ing watch porn all day on my #^&# computer, I will. Only [the company owner] down the hall can tell me what the #^&# I can and cannot do. I want the #^&# filter turned off now.
I soon discovered that the son of one of the VPs was looking to expand his own IT support and hosting company, and the president was looking for a way to get out of our multi-year contract early. The contract continued until the end date.