That's one of the primary safety rules they teach you on the railroad, and it seems that it still applies throughout our corporate economy, where doing what's safe and expected and riskless takes precedence over doing something new, untested, experimental, edgy, or -- gasp! -- uncontrolled by IT and the company.
I just attended a networking event for a technology group, and one of the panelists in the short dialogue that preceded the drinks made a point of saying her organization blocks access to iTunes and other social media.
When I questioned that approach, the answer was pretty much the same you always hear...we're afraid our employees can't be trusted to be responsible in their downloading, they might clog the server with music, or something worse.
Of course, the guy who runs IBM's employee blogging program has answered that question quite well.
When asked how they can trust the employees to blog, he says, we trusted them enough to hire them, now that they are employees why would I trust them less? But most of corporate America does distrust its employees. And the employees know it.
It's pervasive in corporate America. Assume the worst of all employees, block all ability to try something new or different. Don't manage by exception, just block everyone. The right approach would be to let people try new things, see if there's a great application that could enhance the business, attract new customers or donors or supporters, whatever.
Only block the ones who actually abuse the system.
But they never seem to do that. Much easier to tell everyone you don't trust them, and then act shocked when they try to circumvent the restrictions.