jchrisobrien: (big trouble!)
jchrisobrien ([personal profile] jchrisobrien) wrote2004-12-13 08:37 am
  • Add Memory
  • Share This Entry
  • Current Mood: awake?

The Top 10 Reasons Why Users Should Not Have...

One of our System Administrators posted this on our Help Desk mailing list. Currently, all of our users have Local Administrator rights on their computers. It is to laugh.

10.Allows Malware to really *REALLY* hose the PC if it gets hit
9. Allows users to mess up their settings royally
8. Administrative nightmare to manage
7. Must spend more time ghosting machines because of 10, 9, and 8
6. Users get rather pissy about the loss of data stemming from 7
5. Any corporate software and mail policy can be easily broken
4. They can undermine anything administratively done to their machines
3. With only minor creativity in phrasing, local admin rights can easily violate Sarbanes-Oxley and other pseudo-security legislation
2. Users can load any software, even illegal stuff...
1. Makes corporate security people laugh so hard, they can't effectively do their jobs
Flat | Top-Level Comments Only

[identity profile] sbazzy.livejournal.com 2004-12-13 07:19 am (UTC)(link)
wait, you can't reset accounts, but your users have admin rights? good lord :-/

[identity profile] silas7.livejournal.com 2004-12-13 12:42 pm (UTC)(link)
Welcome to our wacky, wacky, world.

We seem to believe in the adage: "Give someone enough rope, and they will hang themselves from it."

If it's not an adage, it should be!

[identity profile] alex-victory.livejournal.com 2004-12-13 11:19 am (UTC)(link)
One of the best stories I got from my first or second year at GTE-I was this woman who needed her laptop re-imaged because she'd given it to her son so he could install and play Red Alert. For some reason the DirectX install went sideways and hosed the whole thing.

So I backed up her data, reimaged the machine, and gave it back to her.

AND SHE DID THE EXACT SAME THING AGAIN.

[identity profile] silas7.livejournal.com 2004-12-13 12:43 pm (UTC)(link)
AWESOME!

The best thing is, it's an easy fix, and they have to sit and wait while you fix their own stupidity.

Doing it once, is a mistake.
Doing it agian, is stupid.

[identity profile] chimingsword.livejournal.com 2004-12-15 06:04 am (UTC)(link)
OMG - nice to see I'm not alone facing this type of problem. I don't give my users administrative level access but I get complaints on that policy all the time. Of course, the one time that I did allow the access the PC was messed up badly within 2 days!
Flat | Top-Level Comments Only