Skip to comments.
Keep Yer Paws Off Your PC: Preventing End-Users from Installing Applications
ITBusinessnet ^
| 28 August 2006
| Esther Schindler
Posted on 08/29/2006 10:44:08 AM PDT by ShadowAce
click here to read article
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-60, 61-80 ... 101 next last
To: Xenalyte
Our solution was a signed contract to employees if they fubar the system we wipe it out no questions asked and don't save any data. And like someone else said it takes 10 minutes to ghost it back to how it was when they got it.
41
posted on
08/29/2006 11:46:03 AM PDT
by
lancium
To: ShadowAce
One of my projects has to build on both Windows and Linux. The company VPN only works on Windows. I have to do a CVS or SVN checkout, zip the files and transfer the zip with sftp to Linux. Feeding back fixes to the repository from problems observed/fixed in Linux is a pain because of the VPN. A Linux box on the intranet with direct access to CVS/SVN has no limitations. Working remotely has its challenges.
42
posted on
08/29/2006 11:49:49 AM PDT
by
Myrddin
To: ShadowAce
why is it more important to prevent people from customizing their computers than it is to personalize their cubicles?It's pretty tough to infect office furniture with a malicious product which can steal hundreds of man hours for which the company has paid or steal company owned data or expose the company infrastructure to attack.
43
posted on
08/29/2006 11:51:35 AM PDT
by
Still Thinking
(Quis custodiet ipsos custodes?)
To: lancium
I gotta say, I like your solution better than the arbitrary "I don't like ESPN.com so everyone who visits that site will be suspended" approach.
44
posted on
08/29/2006 11:51:51 AM PDT
by
Xenalyte
(No movie shall triumph over "Snakes on a Plane.")
To: antiRepublicrat
I loved watching the story unfold way back when. It's always good for a laugh now and then.
45
posted on
08/29/2006 11:53:07 AM PDT
by
Bloody Sam Roberts
(Winning shows strength. Winning without fighting shows brilliance.)
To: TexasRepublic
Suppose the user unleashes a virus that compromises company data. What does "held responsible" really mean? [Fix it themselves? Demotion? Termination?] How does this relieve the burden for the IT administrator when something goes wrong and the user cannot fix it? Most users are not as technically adept as they think they are and cannot see the "big picture" of a total computer and network environment, as well as the administrator can. I say drive the car but leave the mechanics to us! The potential is there, but in reality it just doesn't happen very often. With mandatory real-time virus scanning and anti-spyware, independent of local administrator status, that isn't very likely.
In practice, users breaking things outside of their own machine is very rare under this arrangement--remember, they're only administrators on their own machines--and doesn't justify the company-wide slowdown of IT-only administration for all Windows machines.
This frees the admins from having to do everything so they can focus on stuff that really need their attention. Users who aren't capable/comfortable installing their own mouse can always call an admin to do it, just like always. They just aren't forced to call him when they are able to handle it.
46
posted on
08/29/2006 11:53:43 AM PDT
by
TChris
(Banning DDT wasn't about birds. It was about power.)
To: Ramius; ecurbh; FrogInABlender
Interesting company IT consideration article :~)
47
posted on
08/29/2006 11:57:01 AM PDT
by
HairOfTheDog
(Head On. Apply directly to the forehead!)
To: lancium
Our solution was a signed contract to employees if they fubar the system we wipe it out no questions asked and don't save any data. And like someone else said it takes 10 minutes to ghost it back to how it was when they got it.I would require the IT group to repay the development hours destroyed by an indiscriminate act of "ghosting" a new image without any attempt to recover development files from the hard disk. The bill would be at customer billing rates for the value of the employee's labor that was destroyed. Help desk labor hours are about 10x lower than most of the software developers in my organization. Any late penalties for schedules misses caused would also be assessed to the IT organization that destroys the valuable data as an expedient use of their time. Loaded developer rates run $170 to $250 per hour.
48
posted on
08/29/2006 11:57:08 AM PDT
by
Myrddin
To: 6SJ7
Too foony.
"Ahlow? Oitee."
49
posted on
08/29/2006 11:57:19 AM PDT
by
Bloody Sam Roberts
(Winning shows strength. Winning without fighting shows brilliance.)
To: ShadowAce
What's funny is that if the problems are solved by the new policies/software, the company will be able to get rid of some of the IT people who solved the problem. lol
50
posted on
08/29/2006 12:06:13 PM PDT
by
mysterio
To: Myrddin; lancium
I would require the IT group to repay the development hours destroyed by an indiscriminate act of "ghosting" a new image without any attempt to recover development files from the hard disk.No kidding! I couldn't believe I read that. If the employee doesn't "own" the computers or the work product on them, IT doesn't either. That work product belongs to the company and is not IT's to delete.
51
posted on
08/29/2006 12:07:35 PM PDT
by
HairOfTheDog
(Head On. Apply directly to the forehead!)
To: Bloody Sam Roberts
Remember "Mordak, Preventer of Information Services"?
52
posted on
08/29/2006 12:08:05 PM PDT
by
Still Thinking
(Quis custodiet ipsos custodes?)
To: TChris
I have all my e-mail directed to my personal ISP account. I have 200 MB of storage backing my mailbox and my ISP doesn't strip out all the attachments. My antivirus software scans all the inbound traffic and is updated daily. The only time a virus has landed on my computer is when I maintained a mailbox on the company MS Exchange server. Their virus scanning is sloppy, they strip attachments, have far more downtime than my ISP and less total storage. The computers harmed when they fail are MY property.
53
posted on
08/29/2006 12:12:31 PM PDT
by
Myrddin
To: prion
For every stupid user story, there is a stupid administrator story. Trust me, relatively speaking; stupid users FAR outnumber stupid admins everyday of the week, and twice on Sunday.
And it IS the company's computer, if you have a need for expanded permissions, make your case, and live with the decision.
The company isn't in the business of reducing helpdesk calls.
And most likely, you company isn't in the business of answering helpdesk calls either, unless it's from a customer for a particular product or service.
I can't tell you the number of times I've had to clean computers from competing utilities, spyware, botware, malware, virus' you name it. All because windows defaulted to admin privledges for the enduser and the enduser wanted to load whatever flashing application, tool, screensaver or what have you that tickled their fancy.
Sorry, if I were your admin, you'd have to make a strong case for an application or expanded provledges, and then, if I granted such, you would be watched like a hawk.
54
posted on
08/29/2006 12:15:12 PM PDT
by
AFreeBird
(... Burn the land and boil the sea's, but you can't take the skies from me.)
To: Xenalyte
I would say that a user visiting illegal sites from his work computer that open both the user and the company up to significant legal liability if caught outweighs hampering his "productivity".
If I had an employee visit those sites with my company's computer over my company's internet connection, I would want IT to kill his account until I were notified. Second time would be termination. I've seen how much IP violations can cost a company even if those violations were unintentional and were rectified before they were caught. Getting sued by Microsoft or Adobe for intentional piracy would put us out of business.
55
posted on
08/29/2006 12:17:29 PM PDT
by
Turbopilot
(iumop ap!sdn w,I 'aw dlaH)
To: Xenalyte; gilor
Do you provide a list of Sites That Piss Off Gilor so users can avoid having their accounts suspended? Better yet, add them to your proxy filter and bar them from even going there and redirect to a nice warning page.
NO p0rn, No Warez no iTunes, No FReeping... (opps!)
Get back to work!
56
posted on
08/29/2006 12:35:00 PM PDT
by
AFreeBird
(... Burn the land and boil the sea's, but you can't take the skies from me.)
To: Turbopilot
If I had an employee visit those sites with my company's computer over my company's internet connection, I would want IT to kill his account until I were notified. Second time would be termination. I've seen how much IP violations can cost a company even if those violations were unintentional and were rectified before they were caught. Getting sued by Microsoft or Adobe for intentional piracy would put us out of business.
I gotta be honest . . . I've never heard of Microsoft or Adobe suing anyone for piracy as a result of browsing non-work sites. I'm not sure how the first part of your paragraph ends up where it ends up.
57
posted on
08/29/2006 12:37:58 PM PDT
by
Xenalyte
(No movie shall triumph over "Snakes on a Plane.")
To: Bloody Sam Roberts
This one is a hoot..
58
posted on
08/29/2006 12:38:51 PM PDT
by
Bobalu
(This is not the tag line you are looking for.....move along (waves hand))
To: ShadowAce
I have a girl in my office that uses a 2.7ghz Celeron with 512 MB ram, it runs slower than the Pentium 266mhz with 128MB in the next room (Both run WinXP). The difference? She keeps downloading all kinds of crap. I'm about to take her off the network.
59
posted on
08/29/2006 12:41:15 PM PDT
by
EricT.
(SpecOps needs to paint the NYT building with a targeting laser.)
To: Bobalu
I'm kinda glad MY hole area doesn't send external emails either. Ouch.
60
posted on
08/29/2006 12:42:00 PM PDT
by
Bloody Sam Roberts
(Winning shows strength. Winning without fighting shows brilliance.)
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-60, 61-80 ... 101 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson