Actually the BYOC initiative might push some of these issues to the fore, joking aside. Currently I don't mind people connecting from Blackberries, iPads, Macs etc. because I can push them all onto Citrix and effectively turn them into a Windows platform without worrying about the endpoint security. It is, as you say, when these things become corporate, LAN-based assets that the endpoint has to be secured as well as the delivered apps.
On 26 May 2011 10:23, Alan Davies <[email protected]> wrote: > Fair enough ... morning FAIL for me then! ;o) > > However it is *exactly* the line that the Creative department aggressively > took in a past role where they refused to have their precious Macs managed. > Stems from a "protect your crappy little Windows domain how you like, but > leave our Macs alone" type attitude! I think quite a lot of people could > and would imagine what you jokingly posted as being entirely appropriate! :( > > > > a > > ------------------------------ > *From:* Rankin, James R [mailto:[email protected]] > *Sent:* 26 May 2011 10:19 > > *To:* NT System Admin Issues > *Subject:* Re: Managing Mac's > > It was a joke > > Typed frustratingly slowly on my BlackBerry® wireless device > ------------------------------ > *From: *"Alan Davies" <[email protected]> > *Date: *Thu, 26 May 2011 10:13:56 +0100 > *To: *NT System Admin Issues<[email protected]> > *ReplyTo: *"NT System Admin Issues" <[email protected] > > > *Subject: *RE: Managing Mac's > > How exactly does that excuse one from managing the Macs? If you're locking > them down so much that they're just a dumb terminal, then save a lot of > money and get them a Wyse terminal! If the Mac is used for work (ie. it > stores or processes data), then it must be managed. Managed as in patched, > updated, controlled, protected, etc. You have a legal liability to ensure > non-criminal use of any machine in your organisation at the very least. > That's not to say you have to be incredibly aggressive about it necessarily > .. you have compensating controls and should understand the risk and > therefore demonstrate due diligence. > > I could write for ages on the many many things you really should do if you > manage Macs, but let's just say that it's dangerously misleading to imagine > a VLAN and Citrix client excuses non-management of an endpoint .. > particularly if that endpoint is mobile. If you're a regulated industry, > then 100 times so ... > > > > a > > ------------------------------ > *From:* James Rankin [mailto:[email protected]] > *Sent:* 25 May 2011 16:14 > *To:* NT System Admin Issues > *Subject:* Re: Managing Mac's > > Just put them on a separate VLAN, install this ( > http://www.citrix.com/English/ps2/products/subfeature.asp?contentID=2300384) > and make them use a Windows published desktop from a Citrix server running > through the web interface. No more worrying about updating Macs :-) > > On 25 May 2011 16:10, S Powell <[email protected]> wrote: > >> don't let regular users we don't let them run as admin and just do updates >> manually. >> >> most of the Macs that we use are used by our admins. Otherwise we're all >> MS. >> >> >> ----------------- >> Who'd you rather be, the Beatles or the Rolling Stones? >> >> >> > > ************************************************************************************ > > WARNING: > > The information in this email and any attachments is confidential and may > be legally privileged. > > > > If you are not the named addressee, you must not use, copy or disclose this > email (including any attachments) or the information in it save to the named > addressee nor take any action in reliance on it. If you receive this email > or any attachments in error, please notify the sender immediately and then > delete the same and any copies. > > > > "CLS Services Ltd × Registered in England No 4132704 × Registered Office: > Exchange Tower × One Harbour Exchange Square × London E14 9GE" > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." *IMPORTANT: The information in this email is CONFIDENTIAL. If its contents are disclosed in any way my lawyers will swoop down from black helicopters like Seal Team Six and drag you away with a black bag over your head. They will then take you to a secret prison and make you fight to the death with other people who dared to share this email. You will be given a large bowie knife and a supply of methamphetamines while I watch the said deathmatch and wager vast sums of money on who will be the winner. If the fight becomes boring or there is a stalemate, I will release rabid dogs and my two-stone cat into the arena to liven things up a bit. If these animals become in any way docile, I will squirt them with water pistols until they become a bit more temperamental.* ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
