If the IT Department has time to trawl through internet access logs, the likelihood is that they're due for a headcount / productivity review.

In my experience. Further anecdotal evidence towards the previously mentioned 'corporate security is egregiously bad'.