fatmanskinny
Premium
join:2004-01-04
Wandering
 ·Comcast Digital Vo..
 ·Comcast
| I can attest to that!
I worked in a huge company where machines were compromised at least once a month.
I think giving all end users admin rights on their machines is not a good idea. My new company does not allow admin rights for end users. It creates additional work for IS but the payoff is that you assist the end user in not being a danger to themselves or anyone else.
--
The only place where Success comes before Work is in the dictionary. |
|
bigjimc
join:2003-04-21
Middleboro, MA | Why doesn't the government prosecute them
Oh yeah, any AG that would file charges against a Fortune 1000 company would be fired for some reason.
--
Just my 2 cents...Flame Lightly... |
|
Nightfall
My Goal Is To Deny Yours
Premium,MVM
join:2001-08-03
Grand Rapids, MI
 ·Site5.com
 ·AT&T Midwest
·Comcast
| It all comes down to administration
Instead of blaming the companies, they should be pointing fingers at their administration and their policies regarding spyware, virus scanning, and so on. What about administrative rights to the local system? What about hardware firewalls that provide some level of protection?
I know some system admins that can support 150 workstations from one console and not have problems because they have the tools and the talent to make things work. I know at my last place of employment, I could support about 100 workstations in 6 different facilities from one location. Add in the fact that we had all the tools to protect our system and it was a great situation to be in. After I was laid off, its amazing how things went to heck in a handcart. A year later I was still consulting on the side a little bit for them on issues that their current admin couldn't fix.
It is stories like that and this one that amaze me. Why are some good network admins without jobs these days?
--
My Domain
Nightfall's Hockey and Life Journal |
|
antiphishing
Phishing Scam Terminator
Premium
join:2004-06-09
Wilkes Barre, PA
|  SPAM , the problem just continues to get worse.
I have seen state agencies computers and local library free access computers infected with spyware and adware. Nothing is done about the problem because the people who run those computers are clueless about internet security.
The local libraries are more worried about patrons doing damage then the real risk of scum on the internet accessing their computers.
They are clueless to realize that their computers can be used as botnets to spread the problem of junk email. It's only after their computers get damaged or someone complains do they take action, which then they become paranoid and make more rules to protect themselves.
It's always the person who uses the computers fault when it comes to these kinds of things. They are just to ignorant to look at the big picture of someone from another country accessing their computers across the internet.
--
Specializing in "takes downs" of phishing and advance fee scams
Send your Phishing/Advance fee scams to: phish@antihotmail.com
»/profile/1021645
|
|
morbo
Complete Your Transaction
join:2002-01-22
00000
clubs: | reply to bigjimc
Re: Why doesn't the government prosecute them
 |
|
cableties
Premium
join:2005-01-27
 ·Verizon FIOS
| reply to Nightfall
Re: It all comes down to administration
As an admin, I can add this:
-Corporate doesn't see the problem
-Management won't allocate resources or money
Comes down to spending money on marketing and less on systems. Rather you just reinstall OS (waste your time), and blame you for wanting a budget for tools, hardware, upgrades, licensing, software...
Used to work with an admin "gestapo" that almost punched several users. He even had a 5-button door pad to his office (he would yell at his fiance on the phone and we could hear it all day...glad we got him to leave). Then I worked with a department head that felt passwords were a hindrance. |
|
xerxes3642
join:2006-02-24
Saint Charles, MO | many anti-spyware
programs such as adaware is banned by our it people. they have no replacement for it though. |
|
devrandom
I got a pot, full of random stuff here
Premium
join:2003-06-28
| reply to Nightfall
Re: It all comes down to administration
said by Nightfall  :It is stories like that and this one that amaze me. Why are some good network admins without jobs these days? I read in an article once (and i'm forgetting who it was actually by, but it may have been one by Bruce Schneier) that pretty much summed up the answer to your question -- good IT practices are undervalued because tangible results are never seen by the people who fund it.
Action (buying tons of useless advertising hours on TV) = Profit
Prevention = ?? (but does = profit as any sane person who works in IT will know). |
|
woody7
Premium
join:2000-10-13
Torrance, CA
·EarthLink
·DSL EXTREME
| hmmmm......
I know this sounds simplistic, but at the school I work at has "DeepFreeze" on all the computers ,and we just reboot after each user, that along with limited user privileges we don't have much of a problem. That with a policy of IT is the only one that installs programs, seems to work great.(but it wasn't always that way) JMT
--
BlooMe |
|
N10Cities
SILENCE I Keel You
Premium
join:2002-05-07
Roland, OK
clubs: | reply to fatmanskinny
Re: I can attest to that!
Here is one possible solution......all users running Citrix desktop sessions, locked down, no admin rights..... user doesn't like it, tough.... company policy... |
|
openbox9
join:2004-01-26
Alexandria, VA | Riiiight. That's a great policy if you have top-down support. In my experience, the top are often the first ones to violate (or direct violation of) policy. |
|
openbox9
join:2004-01-26
Alexandria, VA
·AT&T Southeast
1 edit | reply to Nightfall
Re: It all comes down to administration
said by Nightfall :Why are some good network admins without jobs these days? Because bad network admins cost less money? In Corporate American, the bottom line is what matters. Until lack of security genuinely affects the bottom line, nothing will change. |
|
haertig
join:2000-12-31
Broomfield, CO
| reply to woody7
Re: hmmmm......
quote:
That with a policy of IT is the only one that installs programs, seems to work great.
That approach might be fine for libraries and maybe schools, but it won't fly when your employees are developing and writing software. Policy: "Nobody installs executables except IT". Employee: "But my job is to write executables!" |
|
fatmanskinny
Premium
join:2004-01-04
Wandering
·Comcast Digital Vo..
·Comcast
| reply to openbox9
Re: I can attest to that!
said by openbox9 :Riiiight. That's a great policy if you have top-down support. In my experience, the top are often the first ones to violate (or direct violation of) policy. In my new company, not even the CEO has admin rights. Lol! It is a top-down policy. Some people have it (very, very, very (did I say very?) few).
For the most part, the ones who are dangers to themselves don't have it. Also, Corp IS has two separate accounts:
One User account
One Account Operator or another type of Admin account.
We work using mostly Citrix or Remote Desktop connections to ticketing system, remote control tools, etc. That way, we can still work on issues and log tickets but still locally logged in using a User account.
--
The only place where Success comes before Work is in the dictionary. |
|
fatmanskinny
Premium
join:2004-01-04
Wandering
·Comcast Digital Vo..
·Comcast
| reply to cableties
Re: It all comes down to administration
said by cableties : Then I worked with a department head that felt passwords were a hindrance. Gotta love those employees who feel passwords are a hindrance to their work. I usually respond with "well, I will make a deal with you. I will remove all passwords from your computer accounts if you remove all locks and security systems (including firearms) from your home and car and provide the address of where you live."
How quickly the complaints about passwords disappear.....
--
The only place where Success comes before Work is in the dictionary. |
|
openbox9
join:2004-01-26
Alexandria, VA | reply to fatmanskinny
Re: I can attest to that!
It's great that you have support from the top. That hasn't been my experience. Granted, I do think the situation is changing, just not as fast as us geeky types would like. |
|
BosstonesOwn
join:2002-12-15
Everett, MA
clubs:
·Comcast
| reply to openbox9
Re: It all comes down to administration
said by openbox9 :said by Nightfall :Why are some good network admins without jobs these days? Because bad network admins cost less money? In Corporate American, the bottom line is what matters. Until lack of security genuinely affects the bottom line, nothing will change. TJX ?
--
"It's always funny until someone gets hurt......and then it's absolutely friggin' hysterical!" |
|
BosstonesOwn
join:2002-12-15
Everett, MA
clubs:
·Comcast
| reply to Nightfall
said by Nightfall :It is stories like that and this one that amaze me. Why are some good network admins without jobs these days? Here is perfect example.
I left a nice admin job with good pay, with a fortune 500 , for a support role with another fortune 500.
From experience I can tell you that most of the "good" admins get let go because they don't get paid enough to deal with the crap they did.
I was making nothing compared to other managers at the first fortune 500. Actually less then half. The network ran smooth as silk every box was clean and quiet and we actually moved away from from 2 ds 3's to just 1 with a private fiber link to our other buildings. This saved us roughly $18 k a month.
I made a couple very critical mistakes in trusting managers close to me.
I had slashed the energy use in my managed offices by 70 % by using smarter things then just cutting a person. Things like lcd panels instead of crts every where. The cost was recouped in 3 months. Other things like setting pcs to sleep when not used for 2 hours. But left wake on lan on so our server could wake the system for updates and reboots. And some other cool things that saved so much money they could actually have built a whole fiber ring to all of our offices and dropped another ds3 in and let us lease out service to carriers.
In short the managers stabbed me in the back and took credit for it all because they signed the roi papers on my week off. So after a couple months they started getting promotions and raises I got crap except how come you never thought of that.
2nd company was a joke. I walked in and seen so much waste I couldn't handle it. Loaded proliant servers , serving internal webpages for 1 group of 12 people ! Every blade was loaded to the hilt with ram as well. I quickly found out that the people where using it to host lan games and having their friends outside running it as a public server for their clan. I made changes and turned it all off.
Well I must have offended a bosses minion because 2 weeks later I was pulled into the office and let go. They "laid" me off sighting cuts. They said I made to much and they couldn't keep paying me all this money to support this building. I looked in amazement as the guys would come in at 9 or 10 leave at 4 and take 2 hour lunches. Like it was a country club !
Now I am actually supporting many fortune 500's sitting in a cubicle and not getting paid as much but loving the whole group of people here and the lifestyle.
I want to get back into working in that environment because I am that type of person, but they won't pay for it because mr CEO needs 30 mill a year. It's absolutely crazy.
BTW I actually ask for less then market and usually get raises within the first 3 months. But now I see why many ask for huge increases in pay.
--
"It's always funny until someone gets hurt......and then it's absolutely friggin' hysterical!" |
|
phattieg
join:2001-04-29
Winter Park, FL
 ·Verizon Wireless B..
·Sprint Mobile Broa..
| reply to antiphishing
Re: SPAM , the problem just continues to get worse.
said by antiphishing :I have seen state agencies computers and local library free access computers infected with spyware and adware. Nothing is done about the problem because the people who run those computers are clueless about internet security. The local libraries are more worried about patrons doing damage then the real risk of scum on the internet accessing their computers. They are clueless to realize that their computers can be used as botnets to spread the problem of junk email. It's only after their computers get damaged or someone complains do they take action, which then they become paranoid and make more rules to protect themselves. It's always the person who uses the computers fault when it comes to these kinds of things. They are just to ignorant to look at the big picture of someone from another country accessing their computers across the internet. You'd think they would make a logon/off script that ftp'd the number of processes running, and the names, for each machine at the end of the day. They should ALL be running the same identical image, so if anything odd occured, they'd know right away...
--
SIPPhone/Gizmo # 17476200648 / PIMPNET Chatline / Ran by Asterisk & Slackware 10.1. |
|
N10Cities
SILENCE I Keel You
Premium
join:2002-05-07
Roland, OK
clubs:
·Cox HSI
·World Lynx
1 edit | reply to openbox9
Re: I can attest to that!
said by openbox9 :Riiiight. That's a great policy if you have top-down support. In my experience, the top are often the first ones to violate (or direct violation of) policy. If that is the case, then they get what they deserve.... the bad thing about that is, they come down on your head for their ignorance..... 
In our line of work (elder healthcare), even upper management HAS to toe the line as far as IT policies, if HIPAA compliance is to be met. Too much at stake!! |
|
