Do users have enough power?
Or are they gaining too much!
Pundits say we are entering a new era of freedom and empowerment. Users should be allowed to do whatever they want to improve productivity and make their lives easier. Whether it’s hooking up personal devices to the corporate network, storing confidential documents in DropBox, or discussing business matters over social networks, this is the way of the future and users should be allowed to get on with it.
Many IT pros question the wisdom of all this and try to lock things down on the grounds of security, compliance and cost control. They are then branded as Neanderthals who need to wake up and smell the coffee. Others are simply sitting back to wait for an altogether less pleasant scent as all sorts of stuff ultimately hits the fan as a result of the inevitable chaos.
Does it need to be all-out war between users and IT though? Maybe users feeling they need to do their own thing is a reflection of inadequacies in what the company provides. Rather than totally rejecting the cry for freedom, or going to the other extreme of giving in to it too easily, perhaps we should simply roll out more appealing and flexible corporate solutions.
Against this background, our latest Reg Reader survey looks to get under the skin of this highly controversial area. So, if you are a frustrated user, an exasperated IT professional, or someone working in an environment where a happy equilibrium has been reached, we’d love to hear from you.
It'll take you about 5mins to complete and you can start right here.
They don't need more power
Give users more power and they'll royally screw things up and then place the blame on anything but themselves and the cost to fix it, and the incumbent delays this causes to other tasks, will never be assigned to the user.
For example, sharepoint (an unmitigated POS at the best of times), has a security scheme that makes the standard Windows file and print security look sensible. Give users uncontrolled access to this and you'll be tracking access problems for weeks.
Likewise, give users full access to file security and you'll get endless problems relating to rights propagation, or rights not propagating. This is before the problem of share level rights overriding but not being overlaid in the security inspector and on some occasions propagating and others not.
These are just two examples of common technologies in place. Yes, MS could attempt to fix the abortive mess they created in the first place, but doing so would break millions of existing installations. MS may like to regularly fuck up the User Interface of systems but even they're not as stupid to make these changes.
The question is really what do users actually need? They don't need more power - it'll lead to problems. But the answer is partly in the question... "need". Needs change and a good IT department should be responsive and try to regularly re-assess users needs and promote a culture where users are able to suggest solutions and where the IT staff have the people skills to resolve what the users actually need, communicate with the user in sensible language and look for the best way forward.
Alternatively a snake-oil salesman can sell you BYOD.
You're asking for trouble if you let users have too much power.
This is my network, I use it to make money, and you are not allowed to connect to it without my permission, and then only under strict rules, set by me.
Anyone who thinks otherwise is deluded.
Re: Eat your own dogfood
We in our department are just as restricted as all the users we support, currently we are rolling out user only access to all the users (a change from years of local admin access to the machine fro ma time when the company was a lot smaller) we are the first group to be forced to use this model, yes we have an admin account but we only use that to do the admin stuff, the rest of the time it is our standard user account, and no we do not stay in the admin account either since our workflow is setup for the regular account - no email - helpdesk tickets etc on the admin account.
We also use the same vpn solution into the same systems as all the other users, and we are all going through the same proxy/firewall everyone else does, this way we cannot be accused of exactly the things you pointed out.
One of the crutches of being the company IT department is that you are expected to know every system, platform, piece of software both proprietary and commercial that any one person will ever use, you are expected to keep all systems at 100% uptime all the time and you are expected to keep the entire system 100% secure (or as close to it as humanly possible given business needs) all the time.
The restrictions seem archaic, but that is because whenever a system goes down, is slow, does not perform as expected the IT crew gets the blame even if it was not directly their fault, maybe it was a new patch from dev, but of course since the patch was rolled to prod, then if the prod system falters in anyway it was the IT guys fault for not knowing that it would hose everything. Also if there is a security breach of any kind then the buck stops at the IT department whether it be the head of the department or one of the lesser workers. in the end the buck always stops at the IT department so in order to maintain any sort of career most departments make sure the users with the best intentions cannot do something foolish that would harm the company and probably get the IT department in hot water or fired.
just because you want your tablet to do this that or the other on the network, and to you it sounds so simple just to give access to some device or share or AP, it quite often isn't.
Re: Enough power to do what?
1. Your company hired an idiot. They can still be dismissed without notice. Do so.
2. They have learned a valuable lesson that no amount of pointless email circulars and seminars would otherwise have told them. Let them stew in their stupidity stressing about being fired. It will be motivating.
3. You have no support back-up. See 1. Your company - albeit in a stripped-down example that may merely be illustrative - is very badly managed and you have bigger problems than passwords.