Posted on 08/29/2006 10:44:08 AM PDT by ShadowAce
This is why a lot of corporations will, over time, upgrade to Vista.
Personally I share the MS haters skepticism of new Microsoft releases, but a year from now, all new computers will be shipping with Vista, and corporations will be upgrading.
The most significnt change in Vista is the ability to install programs on user accounts without screwing up the admin account.
I've worked in IT support for over a decade and my current employer (a college) has by far the best policy on this. We give staff full admin rights to their XP workstations and reimage when they mess it up. Staff do not like having their PC's reimaged so they are naturally careful with what they install. Needless to say, there are only a handful of "problem" staff members that require extra attention. The vast majority are just fine and require little assistance as they learned to support themselves.
No, actually it's very easy ... they just fire the first two or three that exercise their "freedom" and the problem goes away.
Yeah, I agree. Redmond seems to have no feel at all for what is admin stuff and what is not. A user can't even defrag their own hard disk. :-/
My point is, either you can trust an employee or you can't. If you can't, then fire him. If you can, then give him the tools to do his job!
If the user is just an annoyance, who regularly screws up his computer because he's been playing around, then address that user, rather than handcuffing everyone for it.
ring, ring
me:hello
idiot user:It says my account is disabled
me:Yeah, I disabled it because of the 'bad' sites you've been visiting.
IU:Turn it back on!
me:'warez' sites piss me off, have your boss call me.
IU:What? turn it back on now!
me:Have you boss call me...click
The pin stripe wizards just decreed that all laptop and desktop disk drives running Windows must have full disk encryption. My colleague bent over and complied immediately. This weekend, his Windows OS is giving him a bluescreen. Too bad. The standard Windows boot/repair disk can't handle an encrypted image. He can't see his files anymore with Knoppix either. Brilliant. My laptop still isn't encrypted. It may never be based on the observed consequences. I'm watching with interest to see if the "help desk" has some kind of magic recovery tools for encrypted images. The encryption breaks disk defragmentation immediately upon installation. A hard disk used for compiling large projects gets fragmented rapidly. The "management" has traded "security" for functionality. I expect the loss of lots of critical project data to disk crashes instead of stolen laptops.
Wow! Someone here proposed hard disk encryption, and I shot them down immediately. My solution was for NO sensitive data to be stored on workstations. All sensitive data, and we have ALLOT of it is to be stored and used from servers. The data on 'the wire' between the workstations servers is encrypted using IPSEC. Of course this solution may not work for everyone, but it worked in our case.
Dude, that was really bad. I feel sorry for everyone involved.
That is exactly the attitude my company has. My company laptop was stolen from my office back in June. Since then I've been using my personal laptop for work. Rather than requiring me to have certain apps, etc on my machine, they have been very helpful in helping me get my machine to work with them.
As a result, I have the only linux workstation in the company, but I get just as much work done and I don't have to run all sorts of helper apps for virii, etc. The only thing I don't have is access to the VSS database. To get to that, I just start up Windows in a VM, and I can run VSS from there, checking out code into shared folders that my Linux box can access.
Gasp! You're talking about...personal accountability!
Well, I agree wholeheartedly. Sign an acceptable use policy and don't dick around with your system.
Basically, here's the only alternative offered around the office these days:
If you FUBAR your system, it's a 30-minute Ghost reload of a baseline system...complete with Winders XP, Orifice, Visi-slow, and FileBreaker Pro 8.
Sorry about your pictures, sorry about your favorites, sorry about that Palm-pilot software, and sorry about your shortcuts.
Suppose the user unleashes a virus that compromises company data. What does "held responsible" really mean? [Fix it themselves? Demotion? Termination?] How does this relieve the burden for the IT administrator when something goes wrong and the user cannot fix it? Most users are not as technically adept as they think they are and cannot see the "big picture" of a total computer and network environment, as well as the administrator can. I say drive the car but leave the mechanics to us!
Here's a good example from The IT Crowd.
I thought nobody else remembered that one. I loved watching the story unfold way back when.
Very nice. Hamper user productivity because the user does something that happens to "piss you off."
Do you provide a list of Sites That Piss Off Gilor so users can avoid having their accounts suspended?
This article tells a telling tale of the incompetence in the IT industry. Security is a breeze under Windows XP. Preventing installation of software is one of the easiest things to do. Both the file system and the registry can be locked down to prevent installation of programs. Even the OS can be locked down to prevent the executing of applications except those application that are authorized.
This can all be done via the group policy editor. Simple, but most "administrators" don't even know the capability exists.
bttt for later
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.