In a message dated: Mon, 08 Jul 2002 01:40:47 EDT
[EMAIL PROTECTED] said:
>On Mon, 8 Jul 2002, at 12:46am, [EMAIL PROTECTED] wrote:
>> In other words, if I'm not requesting any assistance from corp IT ..
>
> Paul, I would expect you, of all people, not to take that stance. You and
>I both know that simply connecting a system to a network involves it in the
>whole support tangle.
I disagree. If I come in and connect to the network, regardless of
whether it's a corporate supported system or not, I can cause
problems. What's the difference if that system is running the
sanctioned software or not? I can cause the same, if not more
problems with Windows as an average user than I can with Linux as a
responsible user.
Now, if you're talking malicious intent, that's different. In that
case, just having any access to the network at all, be it physical or
otherwise, is problematic. But I don't think you're inferring
malicious intent.
>From there, you can cause problems, and/or you will complain when
>things don't work.
I will complain when things don't work no matter what. However, at
this point in time, as a Linux user, I'm more likely to know *where*
the problem really lies, and call IT and provide them with a very
explicit diagnosis of the problem far beyond the typical "Duh, the
internet is down."
Additionally, if I'm running any non-supported software, whether it's
Linux or Netscape, I cannot expect *any* support from the corporate
IT group at all in relation to that software. Period. That's why
it's called "Unsupported".
>I refuse to believe that you would honestly allow anyone to just walk
>in and plug their own equipment, running God-only-knows-what, into a
>network you are responsible for. You're a better admin then that.
Yes, I am a good admin, but I'm also a realist and understand that I
can't stop anyone from doing this is they're so determined. I can
do things which will make their live miserable, like using DHCP to
statically assign IP addresses based on MAC address. And anyone
with a cable modem knows how difficult it is by-pass that
configuration :) I may create separate networks for non-employees to
connect their laptops to, or segregate conference rooms from the
corporate network. But ultimately, other than just having a policy
stating "Thou shalt not do this", there's little I *can* do to
prevent this from happening. It's even worse in a large company
where there are so many people, varying and disparate needs, and an
understaffed IT group. You really need to know how to pick your
battles. Forcing someone to use one OS over another is a battle I'd
choose not to fight. I've tried and lost too many times. It's far
easier to say "Sure, go ahead, but don't ask for help!".
> Now, as I understand it, in your current situation, corporate IT
>effectively trusts you and your group to do things right for you and your
>group, irregardless of what OS you run. That distinction is critical, for
>what I hope are obvious reasons.
(picking nits here. There is no such word as irregardless! It's
either 'regardless' or 'irrespective')
Corporate IT doesn't know me from a hole in the wall. And AFAIK,
they also don't have a policy against running Linux, UNIX, or MacOS
for that matter. They don't support any of it, and will go out of
their way to actively avoid any support type questions you may have
surrounding anything but "supported software". In the end, it's much
like running Linux at home and trying to call a non-Linux ISP for
connection support. Mention the word Linux, and automatically it's
your problem that they can't help you with. Even if you're calling
to tell them their mail server is configured as an open relay :)
>> Totally different scenario.
>
> I don't think so. Yes, the circumstances were different, but the ultimate
>issue is the same: Does user convience override corproate policy? In my
>book, the answer is "no". If that means I have to run MS-Windows, I run
>MS-Windows, or quit. As it happens, I am rather more likely to do the
>latter then the former. That does not give me the right to violate said
>policy.
Okay, provided there is actually a policy which states I can not do
something, I agree. However, in one these e-mails, I did mention
that if this was an actively enforced policy, that I would end up
seeking employment elsewhere, didn't I? I agree, user convenience
should not over-ride corporate policy. However, I think, as in all
cases, a blanket statement cannot apply. Every situation is
different. When user convenience actively threatens the smooth
workings of the company, or sacrifices security "just because" then
it's time to enforce policy. When there is no other policy being
violated or problem being caused, then you need to pick your battles.
It's like speeding. Going 75 in a 65 zone isn't usually an enforced
"policy", however, going 75 in a 65 zone, and weaving in and out of
traffic usually is. Why? You're now both violating multiple
policies, *and* sacrificing the security of other users.
(not to mention being stupid :)
> (We've wasted enough bandwidth as is. ;-)
This I totally agree with :)
--
Seeya,
Paul
----
It may look like I'm just sitting here doing nothing,
but I'm really actively waiting for all my problems to go away.
If you're not having fun, you're not doing it right!
*****************************************************************
To unsubscribe from this list, send mail to [EMAIL PROTECTED]
with the text 'unsubscribe gnhlug' in the message body.
*****************************************************************
