No.  Stop being a slave driver.

well one way would be to ban internet usage completely.  Some businesses do this - I attended a course with some people from the Serious Crime Squad and none of them had internet access on their work pcs. If they needed to access a website they had to use a special terminal that wasn't on the business network.

Depends on budget, amount of hosts, etc, but products ranging from SurfControl to MS ISA Server can do the trick.

I agree, with all the money if the applications are not configured properly, networks can still be vulnerable. However, I would have thought that a Net Admin would have taken the time to use the apps properly before implementing - considering the investment. ISA and SurfControl can and will do the trick - certainly have done in my corp.

Another thing, not so sure about a network being 100% secure. As long as there are "users" using the LAN etc. it will not be completely secure. eg. Password sharing, USB drives etc. - just my opinion, but that is why they employ Net and Sys Admins, partly.

Use a Firewall and block traffic for browser programs. That stops everything.

Cheat by using the "Allowed sites" options in parental control sections of many Security Suites like Norton and McAfee.

Alternatively, adopt a positive Human Resources policy, display trust in the employess and be amazed at how overall productivity might increase. Bored, unhappy workers seek amusement; motivated workers, work!