Casual Business Computer Management

Question

Been working a lot with local businesses who operate in a more casual manner. No Active Directory, no passwords, and free web browsing and downloading applications at will to where every computer is just different.

When and where do I draw the line? Do I flat out e-mail or make an announcement to all the employees about please do not download stuff? Should I take a more proactive approach and since it's my time I have to spend managing these systems actually locking them down and disabling the ability to download and install applications?

How do you do with the casual business? Do you take full control over and law down the law? Or do you define and write up guidelines for said business and hope they work?

An example of an issue is how IE gets filled with toolbars. They never are needed and should never be installed and I typically have to waste time on disabling such issues to increase load times and web browsing times.

Answer 1

You're being paid to admin these systems, right?

You can do a couple of things.

First, you can just live with it, and pocket the easy money. Of course you're going to burn out fast.

Second, you can tell your boss exactly how much money it's costing the company to allow the users to trash their systems. The result of that may well be that you get to lock everything down.

Some related questions:

• What should I do about this user?
• How to convince a big boss that he does not need administrator privileges?

Answer 2

It sounds like you're working as a consultant to more than one business. If they won't let you take steps to lock down configurations, then backups and imaging are your best hope.

If people are allowed to download and install applications and mess with their own configurations, data loss is a matter of when, not if. Get some sort of backups going to so that when you need to wipe someone's computer, you can restore their data.

Then, to make it easier to wipe computers and restore them to a known state, make use of imaging tools. There are plenty to choose from, both commercial and free. Find one you're comfortable with, and start imaging computers when you set them up. Then you at least get fairly quick recovery when someone's computer is messed up.

Answer 3

Revoke admin rights. Make users limited users, and keep the administrative account details to yourself. Much more of a pain than it needs to be without AD, but the only way you'll get users to stop mucking up your systems is to remove that ability.

Answer 4

Really, the route you take should be entirely driven by the business. If they see downtime due to reinstalling from toolbars as an issue then you have a task to do, currently it sounds (to me at least) that you're asking which route you should take but you're not even sure the business see's the issues you've highlighted as a problem.

imho, you'd do well to gather together evidence of the amount of time (and money!) they are spending on your services through these practices, and float the notions of how to fix such matters. You can steer them towards your way of thinking sure, but I wouldn't start mandating IT policies without the buy in from the business that there's an issue to resolve.