Time For IT Guys To Unshackle Corporate Computers

from the can't-do-that dept

This one ought to infuriate some of the IT folks, but Farhad Manjoo, over at Slate, is making the case for why corporate IT folks should give up trying to control everyone's computers. He says it's silly for them to dictate which apps you can and cannot use, what websites you can and cannot visit and what mobile devices you can and cannot use. He argues that doing so only restricts employees from actually doing useful and innovative stuff and also can make employees significantly less productive.

The response from IT folks will always be about the cost of maintaining all of this -- noting (perhaps correctly) that any time there are any problems, people will call up IT folks who will have to try to service all sorts of things, rather than having a standard list. And, of course, they'll say that users are often dumb, and prone to doing things that put computers and networks at risk. Thus, locking stuff down isn't only cost effective, but it's prudent to protect the company.

In the end, though, if that prevents important work from getting done (or done quickly), that seems like a problem. In the past, we've pointed out study after study after study suggesting that those who are actually allowed to do personal surfing at work are happier and more productive. Manjoo makes that point as well, mentioning recent studies that have shown the same thing and suggesting that companies that trust their workers on these sorts of things tend to get much more out of those employees.

Filed Under: it, limitations, personal surfing, security


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 27 Aug 2009 @ 10:10am

    This is a stupid article. It's entirely wrong.

    This article is ridiculous. Everyone loves to talk about keeping a perfectly open computing environment. Educating users. Complete local access to machines. People go on to say (often with ZERO experience) that if you have a "properly secured network" then you won't have a problem giving your users complete local control... Well, I'm sorry, but that is complete CRAP.

    Where I work I am the sysadmin for about 65 users. That isn't very many people. Most work locally, but we do have several remote branches. I try to keep access as open as I can, but there must be some limitations. Why? Because despite educating users, and re-educating them, over and over, some of them simply will not listen, or do not care to listen.

    Now take such people and amplify the number of them, say in a network with 3000 users. Or in a high school with 1500 students. Now imagine that some of these people are in management positions, or are mission-critical people to the company, or are teachers, etc. They are much less likely to be reprimanded for abusing an open computer policy - thus the problems snowball out of control for the sysadmin's.

    Now lets take a moment to talk about "Proper Security".
    I run a fully updated anti-virus program on EVERY user machine. It not only updates daily and has real-time protection, but it is also set to scan each users machine daily. Every machine is also equipped with a software tool-set to remove and help block spyware, updated frequently. Our e-mail server does a sufficient job at weeding out most of the spam. With all this being said, I have at least one user a week with a spyware problem - and that is with many lock downs in place. If all users had complete control over their machines, this problem would be rampant in no time.

    Now before someone says it... This isn't a matter of me not doing my job "well enough". You can go to hell if you think that. :) The fact is that even with safeguards, security problems still arise. By giving complete control to end users however, that only makes the risk skyrocket. There NEEDS to be some limitations. By locking down what can be installed, you help mitigate the risk of spyware, malware, virus's, pirated software, and so on - being installed. It makes SENSE to do this.

    This is just the tip of the iceberg, too. Web surfing, downloading, and streaming, are all other things that bring great risks. It's not to say users shouldn't be able to surf the web, but there needs to be a line between what is safe and what is not - and thus, some lock down policies need to be in place. I don't limit my end users from surfing the web - but I do limit them from using a site like Myspace. This is because I had problems with spyware / malware stemming from that site. When an end user proves to me a site is safe, they can browse it all they want. The minute I have to fix their computer because of said site, is the minute that site gets blocked - effectively saving the company time and money by protecting from future infestations. Like I said, at least once a week this happens.

    If you want a piece of software on your computer, and you cannot install it, then call I.T. Get it approved, and get their assistance. It is what they are being paid for. If they tell you no, then ask your manager. If I.T. tells your manager no, then there is probably a pretty good reason for it. Either that or your IT staff is lazy. As an end user, you shouldn't be taking this control into your own hands. I'm sorry, but you're not a computer expert, guru, ninja, or otherwise. You are an end user, for a company, and your job is to get things done. If you *need* select software or web access for that, then make your case and I am sure I.T. will be HAPPY to assist you with it.

    In short: Don't be an arrogant bastard. I am happy that my users and I get along. There is no hate for the I.T. department where I work, despite limited access policies. They know why they're in place, and we have a mutual respect going. If they need software, or a certain filter lifted, we approach it together and find a solution that fits.

    ...Openly giving complete control is not a solution that fits. It's an implementation that will likely fail miserably in most environments. Particularly the large ones.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.