Windows

Poll Results: Should Windows Desktop Gadgets be banned from the corporate workstation?

See how your peers answered this question: Should Windows Desktop Gadgets be banned from the corporate workstation?

On August 6, 2010, I asked the readers of the TechRepublic Microsoft Windows Blog this poll question:

Should Windows Desktop Gadgets be banned from the corporate workstation?

The 577 respondents to the poll were generally evenly split with 56% saying no ban and 44% saying a ban was justified.

The gist of the associated discussion thread was that a ban may seem desirable, but it is too impractical to enforce. This makes me wonder if a majority would be in favor of a ban, if such a ban were practical to enforce.

Are Windows desktop widgets really that much of a security risk? What risks do they introduce and what do IT pros need to do to mitigate the risks involved?

Stay on top of the latest Microsoft Windows tips and tricks with TechRepublic's Windows Desktop newsletter, delivered every Monday and Thursday. Automatically sign up today!

About

Mark Kaelin is a CBS Interactive Senior Editor for TechRepublic. He is the host for the Microsoft Windows and Office blog, the Google in the Enterprise blog, the Five Apps blog and the Big Data Analytics blog.

20 comments
blackepyon01
blackepyon01

I think that the average user doesn't need gadgets in the buisness enviroment.

David A. Pimentel
David A. Pimentel

All the responses that claim that gadgets pose too much distraction from the users' job duties seem to be self contradictory. Were any of those blog responses done from work computers on employer time? It seems that blogging and discussion forums such as these are more of a distraction from work than any silly desktop gadget. Just sayin'.

Tony Hopkinson
Tony Hopkinson

and wasn't. Just assuming would be nearer! The point was seeing as they pose a definite security threat, that needs to be balanced against the value, which in a lot of cases is zero in terms of doing the job.

RLKCon
RLKCon

Bad gadgets should be banned, but since it's impossible for an IT organization to evaluate them all, it's better to discover a few that are beneficial to the workers role and provide them (if wanted). Allow users to submit a request for additional, but control it. TR is as big a distraction to an IT work place as any gadget will ever be (just a comment). The gadgets that I use are Clock (the horror), wolfram alpha (could be risky), google search that launchs chrome, and an RDP gadget for keeping my most common server connections available with a quick click. Sure there are other ways to provide the exact same services, but they are nice. No RSS feeds or auto picture generators, as they are a constant connection in and out. With that said it's the job of IT to create the policy, based on what's best for the organization, so I think each group should make their own decision based on what their business actually is. Bandwidth should be considered, security, time wasting, system resources, and yes the benefits.

Realvdude
Realvdude

Seems to me that gadgets are just another feature to have to manage. My first thought was that an organization may even want to develop their own gadgets for desktop deployment. MS denotes three locations for gadget installation, user, shared and windows. Placing gadgets in shared requires administrative rights, windows is reserved for MS gadgets.

john3347
john3347

While there are exceptions, gadgets (aka toys) are, by and large, just toys that distract the user from the company business that should be occupying their mind and time. Therefore if there is a solid yes or no answer to this question, it would have to be no, - no gadgets. A company computer is a professional tool that should be treated as such. A home computer can be treated as a toy if the owner desires a toy.

Tony Hopkinson
Tony Hopkinson

based on IE! No more needs to be said really does it....

PESK, mbcs, mcse, mcitp, sts
PESK, mbcs, mcse, mcitp, sts

...Should be over here. ...Gadgets CAN be mini-browsers or even mini-applets. Anyone can write XML/dHTML code and package it as a Gadget. Statement such as "Gadgets like system monitors that track performance are useful in determining "Why is this taking so long?" and benefit the company by helping workers be efficient" cannot really be taken seriously! Seriously??! No offence intended, but there are other ways of determining a PCs performance (with tools included in Windows no less). Try PerfMon or Task Manager. I would never leave it up to the user to tell me "My PC's running slow". There is no such thing as a bad program, just bad programmers. Some gadgets can actually be quite useful. Case in point, an RDP, Remote Assistance request or in-house productivity gadget. Deduct 2 cents.

Tony Hopkinson
Tony Hopkinson

that could be useful. They shouldn't be a security risk given a good programmer wrote them. :p Generated by a third party, well then we have issues. Worse still if gadgets are ok, they are OK for user to install (whitelist/blacklist maybe?) To me it's no different to allowing p2p clients or browse any site you want. Yes there's valuable stuff out there, there's also a lot of threat vectors, never mind 'reputable' stuff like 'today's nude teen' It's this impression that gadgets aren't threat vectors that needs to be addressed.

Tony Hopkinson
Tony Hopkinson

at all. They are big on it our place. At several levels too. Some of our web guys are seriously into it for all to obvious reasons. Which is why Jason's question "are gadgets a security threat" question irritated me a bit... People still download with exe's to see Britney naked, they still send their bank details for win in lotteries they didnt enter. They still click on the link that will 'stop' them being spammed by some muppet. We have a long way to go, and now gadgets are yet another vector we have to deal with. It wuld be hard to make a case aginst email, or even the internet in a normal business day, gadgets not so much.

PESK, mbcs, mcse, mcitp, sts
PESK, mbcs, mcse, mcitp, sts

A door is a portal of either entry or exit. One can either choose to be agoraphobic and live indoors or invest in good locks and see the world. Security as a mind-set has to change. It is no longer upon the admin alone to secure the environment but to also educate the user and place the onus back on them. Back in the day, workers would be given keys to the office and if stuff got 'half-inched' (pinched), they'd get the chop. Today's HR (read: Human Remains, not a generalization) departments and line-managers need to do their jobs and reprimand staff who are breaking corporate policy and visiting 'Today's Tude Neen'... Ahem! For instance. Gadgets are no more doors into the Windows environment than emails are. How do modern environs get infected nowadays? Yes, a dumb user opening HappyBirthdaySexy.exe... As they say, it's not the size that matters, it's what you do with it. -2c

seanferd
seanferd

Too many gadgets running, consuming RAM and processor cycles?

oldbaritone
oldbaritone

As with anything, "it depends" on the tradeoff between business usefulness and organizational costs and risks. Gadgets like system monitors that track performance are useful in determining "Why is this taking so long?" and benefit the company by helping workers be efficient. Obviously yes, these gadgets benefit the organization and should be allowable. Innocuous gadgets like Clock or Lava Lamp don't require much attention, and make life a little more pleasant for the employee, perhaps. Probably yes, these gadgets are of some benefit, and should probably be allowable. Hot-link popups to porno, hacker sites, etc. are of no benefit to the organization, and are likely a detriment, wasting time and creating a potential for litigation against the organization. They should not be allowed on desktops in the company environment. Of course, most of the gadgets are somewhere in-between, so it's not easy to determine what's worthwhile or not to the organization.

Rolland St-Onge
Rolland St-Onge

Patches and updates? Do I really need the excess patches for all the vulnerabilities these toys have?

apdumas
apdumas

On my network, if the PC is slow, why give the user a widget to possible play with or be caught up having to explain functions for it that are not relevant to their duties. If a PC is slow, the help desk (me) takes the input from the user and will investigate. Gadgets will only allow for distracting the end user from doing their tasks. Fixed profiles provide what they need to work (links/shortcuts) so why clutter the PC with gadgets?

Mark W. Kaelin
Mark W. Kaelin

Are Windows desktop widgets really that much of a security risk? What risks do they introduce and what do IT pros need to do to mitigate the risks involved?

PESK, mbcs, mcse, mcitp, sts
PESK, mbcs, mcse, mcitp, sts

...Gadgets CAN be mini-browsers or even mini-applets. Anyone can write XML/dHTML code and package it as a Gadget. Statement such as "Gadgets like system monitors that track performance are useful in determining "Why is this taking so long?" and benefit the company by helping workers be efficient" cannot really be taken seriously! Seriously??! No offence intended, but there are other ways of determining a PCs performance (with tools included in Windows no less). Try PerfMon or Task Manager. I would never leave it up to the user to tell me "My PC's running slow". There is no such thing as a bad program, just bad programmers. Some gadgets can actually be quite useful. Case in point, an RDP, Remote Assistance request or in-house productivity gadget. Deduct 2 cents.

Tony Hopkinson
Tony Hopkinson

to make them even slightly worthwhile. Silly question...

dhays
dhays

Around here, anything that goes out to the internet for information is banned--takes up bandwidth that should be used for work. So I can no longer have the local TV station weather gadget which came in handy in severe storm season, as it popped up and gave a warning when a watch or warning was issued. Even streaming radio is frowned upon, Youtube videos, etc. are blocked. Some sites are outright blocked, others are warned against, becaue they might consume a large amount of bandwidth. As for the desktop, I always keep all icons hidden, I can see my wallpaper better, never used the desktop anyway, old school--prefer the menu method better, too much clutter makes it hard to see what you want. Windows never keeps the arrangement the way I want, so why mess with it? I have made a toolbar of destop icons, if by chance I need one. I also have a toolbar of shortcuts to certain files I use regularly, no desktop clutter. the start menu keeps a listin gof frequently used program, too, there i sno need for a cluttered computer desktop--just aphysical desktop with clutter! I use the built in slide show for a screensaver of favorite pictures downloaded (mostly Hubble telescope photos), some volcano pictures...

Editor's Picks