“our users are local admins on their Windows laptops and we not stop them from installing any software they want”
Who supports said software, or is there any expectation of support? If Joe BillyBob installs FileMaker or MS Access and creates a database and queries that become key to a department or two, which happens if that app breaks or that user leaves and nobody knows how this feature was created and how to fix it. I’ve run into this “silo of expertise” on a few occasions and once that person leaves, that functionality is dropped as soon as it breaks. “Why not allow torrent traffic?” and “My boss, who is actually quite knowledgeable in IT matters” <-- I must be old school, as I fond those comments in conflict if we’re talking about business systems. A person who is fluent in desktop technology and software (and therefore considered by the general public as “knowledgeable in IT matters”) is not necessarily equipped to handle a sysadmin IT role where scaling, standardization and security have higher priorities. Just because it’s considered Ok to do something at home doesn’t mean it’s smart to apply that philosophy to 2,000 home workers. A business with 50-ish systems you can get away with a lot less structure than you can with 5,000 systems. On backups – who’s responsible for making sure the backups actually worked – IT, or each user? I’ve been down the “back up every users’ machine” and it was a mess because you didn’t know if backups failed because they happened to be offline or what. The only way I see that being manageable is having a target of at least one backup/week, that way missing a day or three doesn’t trigger investigation time. Good topic though… Dave From: [email protected] [mailto:[email protected]] On Behalf Of Andrew S. Baker Sent: Thursday, December 08, 2016 9:18 AM To: [email protected] Subject: Re: [NTSysADM] OT: IT Philosophy Get your manager's view in writing. #1 -- If he's fine with convergence of liability, then great. #3 -- Speak to legal #4 -- Security requires defense in depth. Deliberately eliminating one layer of protection does not lend itself to security. I hope that your customers are either consumers or enterprises which don't care about security, or this will come back to bite the organization sooner rather than later. Get your manager's view in writing. (Repeated for emphasis) Regards, ASB http://XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker> Providing Expert Technology Consulting Services for the SMB market… GPG: 860D 40A1 4DA5 3AE1 B052 8F9F 07A1 F9D6 A549 8842 [https://track.mixmax.com/api/track/v2/G7STv6nVYp90iMoxV/gIt92YuwWah12ZAVmbvpnYzFmI/i02bj5Sb1J3bmRXa51mLzR3cpxGQtRWYzl3c05mI] On Wed, Dec 7, 2016 11:24 PM, Kish N Kepi [email protected]<mailto:[email protected]> wrote: We keep a lax environment – our users are local admins on their Windows laptops and we not stop them from installing any software they want – the only caveat I ever say is ‘don’t be stupid’. And yes, we are a hi-tech house, well beyond the startup stage. During a conversation about potential changes to the way we do backups today, I stated that the current back up routine specifically excludes most media files, and also that I’d used psexec to kill utorrent processes. My boss, who is actually quite knowledgeable in IT matters, had a response surprised me: why? Why not backup the media files? Why not allow torrent traffic? His points were as follows: 1. We give them laptops and smartphones and expect them to be available at all hours of the day – that’s convergence of home and office life – why shouldn’t we backup the photos of their kids, pets and vacations too? 2. Do we have bandwidth issues? We have a broad link to the internet and only at periodic peaks do we hit anywhere near our limit 3. Legality of torrents? Really? How many people care about the legality? 4. Malware? We have other protections in place. I couldn’t come up with any answers that sounded reasonable to me, so at this stage, we’re planning increase our backup storage capacity. Does anyone here have answers that I lack? Sorry for cross-posting, but I this question is bothering me, and I know that many people in this for a have strong, well-formed (and well-expressed) opinions Kish n Kepi Attention: Information contained in this message and or attachments is intended only for the recipient(s) named above and may contain confidential and or privileged material that is protected under State or Federal law. If you are not the intended recipient, any disclosure, copying, distribution or action taken on it is prohibited. If you believe you have received this email in error, please contact the sender with a copy to [email protected], delete this email and destroy all copies.
