From: "Robert Comer" 

> Well, there is that.  But how much control do they need to get their jobs
> done?  Installing personal software?

Most don't need it, some do.

>Network access to folders?  (*HIGHLY* and *TIGHTLY*  controlled - it's easy
>to get around though:  just have the bosses' boss  approve it in an email
>and that takes only a half-hour or so since most  people respond rather
>quickly to emails.)

Handled. No peer sharing except for what I might do with hidden shares.

>Wallpaper?  (I can't add files  to the default folder but I can point the
>wallpaper link to one of my own  files elsewhere on the machine.)

I consider wallpaper, theme, screen res, a necessity for anyone that has to
use a computer for any length of time.  There's a bit of OSHA in this...

> Well, I was just trying to be provocative ;-)

I know 

>My point was intended to be  mainly:  a business machine is a business
>machine; it's possible to lock  down a business machine in such a way that
>it doesn't hinder the  operations of the business even though it might
>curtail some personal, uh,  "modifications and enhancements"; when the
>effort to do the lockdown is  less than the effort to
"repair" the havoc
>that misguided users have  created then it behooves one to do the lockdown.

We're small enough that it's the other way around -- when you have someone
with my skill level to clean up the mess anyway.  It would cost us a LOT
more to lockdown than not.  My record is pretty clean compared to the big
corporations, so I don't feel bad at all about it.  I block a lot at the
firewall that big corps don't seem to want to do.  Our main mail system is
not near as vulnerable to attack as a Microsoft one, we use Notes -- it's
the mobile laptop bosses that give me the most grief, but they outrank me.


--
Bob Comer





"John Beamish"  wrote in message
news:op.tc1tg7n6m6tn4t{at}dellblack.wlfdle.phub.net.cable.rogers.com...
> On Fri, 21 Jul 2006 09:23:26 -0400, Robert Comer 
> wrote:
>
>>> [snip] You don't let fork lift truck
>>> operators perform modifications on fork lift trucks - you bring in the
>>> appropriate technical expertise to do that.
>>
>> We're kind of small to be considered in that class.
>> [snip]
>>  plus I get the bonus of the users thinking they have a little bit
>> of control of their own "stuff".
>>
> Well, there is that.  But how much control do they need to get their jobs
> done?  Installing personal software?  (That's locked down except on
> specified PCs.)  Network access to folders?  (*HIGHLY* and *TIGHTLY*
> controlled - it's easy to get around though:  just have the bosses' boss
> approve it in an email and that takes only a half-hour or so since most
> people respond rather quickly to emails.)  Wallpaper?  (I can't add files
> to the default folder but I can point the wallpaper link to one of my own
> files elsewhere on the machine.)
>
>>> As long as the  functionality exists in windows to lock it down in a
>>> corporate  environment, you are almost derelict in your duty if you do
>>> not
>>> do that.
>>
>> Er, no.
>>
> Well, I was just trying to be provocative ;-)  My point was intended to be
> mainly:  a business machine is a business machine; it's possible to lock
> down a business machine in such a way that it doesn't hinder the
> operations of the business even though it might curtail some personal, uh,
> "modifications and enhancements"; when the effort to do the
lockdown is
> less than the effort to "repair" the havoc that misguided users have
> created then it behooves one to do the lockdown.

--- BBBS/NT v4.01 Flag-5