Software

General discussion

Locked

admin rights for executives?

By Hiro_Protagonist ·
I've got a wanabe who just hired on as a Senior Vice President. This guy used to work for the company like 2 years ago but got laid off. Now he's back and we've upgraded to 2000 from 98 and he insists on having admin rights to his W2K laptop because he needs to "control his own destiny on the computer" pfft...
My boss and I are sticking to the guns that got our support to user ratio up to 1/150. Has anyone run into this problem? Do you give admin rights to your executives if they ask for it?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Support

by NetworkPlanner In reply to thats good advice

We have a policy for executives that gives a little bit of flexibility. For any exec that wants to have those rights, we give it to them. The caveat for them is that IT supports ONLY the preinstalled apps. Any issues related to non-supported apps are handled by the exec. If the app causes an issue with supported apps the offending program is deleted. If the problem is not solved by removing the program, the computer is reimaged from a generic Ghost image. If the exec is willing to abide by that, they are give access. This only applies to Senior Executives, ie, officers of the company.

This is in a Fortune 500 company.

Collapse -

Licensing Issues

by nickb In reply to Support

We found an executive that installed unlicensed software on his company laptop. We discovered it by accident while auditing software on the network while he was connected. This is a tremendous liability and can cost thousands of dollars per occurance. All permissions were removed and the software deleted.

Collapse -

the psychology of it

by eth0 In reply to thats good advice

Whenever you do help, you must not let your ego in the way as well. We can all fix the broken parts, but it is better to prevent them from breaking.

You are right he does not want to follow IT policy because it makes him feel inferior. Try to take this feeling away from him by explaining to him in laymen terms some common hacker techniques exposed through assigning admin rights to ordinary users (i.e. vp's and all the above, lol)

Of course he will probably brush hacker talk right out the window which is what the hacker...

well good luck!!

Collapse -

An image is worth a thousand word...

by SaintGeorge In reply to the psychology of it

... and an experienced is worth a million.

I worked in a company where we had one of those hard cases. The guy in charge of network security and policy finally let the exec have his way. And then hacked into his notebook. Nothing serious or harmful, just messed up his screensaver and sounds (it would fart every time he turned it on and burp for mistakes). And he also trashed his porn (oh yeah, that's what he wanted to install, Kazaa). And demoted him to guest status so he couldn't change anything back. How he did it I don't know, I'm just the guy who sets the hardware up, changes faulty kbs, disks and monitors, and he wouldn't tell me...
Second time, he had his way, and the exec gave in.

Collapse -

You might have the secret in there

by user@# In reply to thats good advice

You say he has a huge ego? I hate what I'm about to suggest, but try a "suck-up" type routine-- play on his importance and the fact that his time is better spent working his job; the "small-fish problems" that he finds on his laptop are better suited to those of you who are more familiar with the new complexities and nuances of the new O/S, etc.

I once worked for a company with a BS (boss's son) who thought he was the last word in computers. At a time when there was only one PC in the company and I was working on the Quality Assurance Plan (required by the state license), he locked the hard drive and left for a week. Later, when we got a LAN and someone else in charge of that we pretty well kept him locked out. Believe it or not, he eventually got himself fired-- but that's another story.

Collapse -

Local Admin?

by gpartridge In reply to Maybe exec support

If the Executive requires local Admin rights to his laptop then whats the problem?
He can't cause issues other than with his own laptop.
Give him the rights and if he causes himself problems, politely explain that the IT Policy would have prevented the issue.

Collapse -

WTH????

by russell In reply to Local Admin?

First of all, you have just set the standard: IT policy is worth less than the disk space the file occupies on the network. When that laptop crashes because he installed Bonzi Buddy and a handful of other non-standard apps, who is he going to come running to?

How are you going to tell the other VP's, that they can't have local admin rights? You've already given them to VP 1.

Do you or your manager answer directly to this VP? If not, he needs to go through his chain of command with a business justification of why he needs those rights.

Collapse -

by Alysonh In reply to WTH????

We have a fairly laid back policy regarding user rights on local computers/desktops. It works because it's a small network though, only about 50 users. The rule, in writing is, you are allowed to administer your own desktop, HOWEVER, we do not support, fix, repair or otherwise take care of problems that have to do with anything they install or arise from anything they install. We also disclaim, from the point that they change something, any responsibility for anything on the computer.

What I have found is one "Hrmmm, I'm going to have to reformat this, will be a couple of days before you get it back" has pretty much stopped people from playing too much with their computers.

What -I- would do?
a) Give the guy what he wants.
b) Get his acknowledgement that he understands what he is playing with and the consequences. (I'd suggest getting it in writing)
c) Make sure that his superiors understand that you are giving him admin rights because he demanded them but you can't be responsible for what might happen, i.e. losing usage for a few days.

Collapse -

Support it anyway

by kasualkid In reply to

I would say you would end up supporting it anyway - even if all you do is re-image the desktop.

We just hired a COO within the last year and a half (he came from one of the big 3 oil companies). My VP of IT reports to him and he is greatly concerned about the support we have to maintain to people who do not abide by IT policies. His most recent comment was, "At [the oil company he worked at before] if a support issue was caused by a user 'breakin an IT policy', they sent the user a personal bill for the support call."

An interesting concept. I would write a contract to that effect and create a new revenue stream for your support staff.

Collapse -

So You will make the time that you don't have?

by IT-IS Manager In reply to

That sounds very "user friendly", but not very realistic - I beleive the policy was put in place to reduce work not create it by giving users rights and waiting for the inevitable to happen - like at 5:30 when your trying to walk out the door. And I don't care how casual your company is or small - I find it hard to believe that your president/owner is going to say "Ok a couple days for John without his computer is fine - just get it to him when you can." more like - "Get it going ASAP and explain to him what he did wrong - I know he did wrong, but he needs his computer to work and we can't wait a couple days".

Related Discussions

Related Forums