Main Area and Open Discussion > General Software Discussion

Company audited my computer. Found many "unauthorized" software. Lol.

<< < (5/6) > >>

superboyac:
Office Space is such a great flick.

40hz:


"We personally believe Mouser is executive material."

steeladept:
Okay, I have to take the other side of this given that I (now used to) work IT in a large corp. that does these audits.  There are a plethora of reasons provided, many of which people at various levels consider stupid.  As it goes down the chain, many get left off until only the stupidest reasons or made up reasons the on-site tech could figure out are the only reasons provided.  In reality, there are MANY good reasons, and many of the apparently stupid reasons have good reasons behind them that are never explained.  At my company, these are the main reasons (NOTE:  Were applicable, this is related to U.S. laws and regulations.  YMMV):

     1)  Standardization - this makes everything easier from the technical side, from setup, through troubleshooting, to transferability and upgrading.
     2)  Repair - associated to standardization is the troubleshooting and repair of PC's.  If the problem is a software conflict with authorized software, it can be documented, tracked, and fixed.  If it is from unauthorized software, it costs a lot of time and money to track down issues that never should have occurred in the first place.***
     3)  Auditing - a company is required, many times by law (and often times by customers) and policy to know everything that is installed on each machine.  While this seems ludicrous for a company with 50,000 PC's, it never the less is a requirement.
     4)  Security - since it has not been reviewed and authorized, it is not considered secured software with the associated liability trails if the software causes a security breach.
     5)  Liability - This is perhaps the most important one as many people don't respect licenses or intellectual property.  For example MANY people in my company would download shareware that states specifically for personal use only.  They would justify that they are the only one using it, even though it was obviously not for their benefit.  Instead the company would be liable for profits gained through the use of the software as well as fines, legal fees, etc.

***Note:  In my company they actually considered charging back this associated cost to the end user if this was found to be the cause.  However, they found that to be essentially unenforceable in our current setup so charged back to the department instead.   Sometimes that worked, sometimes not so much.

There may be other good reasons as well, but these 5 just are off the top of my head.  I found the best workaround for me and our company is using portable apps.  If you use them, they can not be traced unless caught while using them, since they are not installed.  Even so, this can open the company to the liability and security issues listed above.

The right way to accomplish this is to get a hold of the head of IT and show them the software.  Give them the developer or company name and encourage them to talk so that they get what essentially amounts to a corporate or site license and add it to the image.  Many of these guys are not even true IT professionals, but rather management professionals anyway, so they are often easier to convince.  Once they see the value (especially if the cost is free), they will dictate that it should be available unless there is a technical reason for it not to (incompatibility seems to be the one noncontroversial excuse, the rest tend to be a fight over who has most control).

rgdot:
The issue with those policies and what you are saying is that at least 4, 3 and 2 are easily "broken" by browsing. Even the best filters which don't allow watching videos at work for example or block sites can't prevent the most common source of serious computer problem these days...being connected to the net.

wraith808:
The issue with those policies and what you are saying is that at least 4, 3 and 2 are easily "broken" by browsing. Even the best filters which don't allow watching videos at work for example or block sites can't prevent the most common source of serious computer problem these days...being connected to the net.

-rgdot (May 21, 2009, 02:05 PM)
--- End quote ---

While what you say is true, the purpose is to mitigate as much risk as possible.  Some companies even go as far as limiting or preventing access to the net by people who don't have a proven business purpose for being on it.  As bad as your IT policies are, they could be worse...

Navigation

[0] Message Index

[#] Next page

[*] Previous page