Software

General discussion

Locked

admin rights for executives?

By Hiro_Protagonist ·
I've got a wanabe who just hired on as a Senior Vice President. This guy used to work for the company like 2 years ago but got laid off. Now he's back and we've upgraded to 2000 from 98 and he insists on having admin rights to his W2K laptop because he needs to "control his own destiny on the computer" pfft...
My boss and I are sticking to the guns that got our support to user ratio up to 1/150. Has anyone run into this problem? Do you give admin rights to your executives if they ask for it?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Yes, but

by truthiness In reply to We in IT are there for th ...

We're hired to make good decisions that benefit the organization, not the individual. IT supports the end-user's work and productivity, not their every whim.

If an executive is willing to make you violate a company policy just because they have the power to, then they're a crappy executive, and if the company lets him get away with it, it's a crappy company. Granted, not much you can do about it except look for a different job.

Collapse -

All relative, define that good decision.

by Open2Ideas In reply to Yes, but

A real exec knows what his time is worth and how to manage it. At about $20,000 per hour, our former exec deserved all the support we could give, that "gold" support mentioned. If he had to wait an hour to do a 5 minute test install, decisions would be sacriiced, and he might not get that included break we all need sometime.

The person with the restore instantly attitude gets the business award. You can track it, but bet the exec does too, in his terms. Our second line exec at $2,000 per hour deserved it too. They don't make money being fools.

The big guy had our best person work a week to design and install his home network and link it in. Would you really rather have a contractor patch into the home office?

It really is the company interest that has to be cared for. I'll bet the person that refuses to budge on rules also gives "gold" service, even harder, or else is on a short list.

Collapse -

The issue here is EGO...never be a wannabe

by eth0 In reply to We in IT are there for th ...

The VP clearly has no direction with which he wants to take his PC. He just wants admin rights to defeat his inferiority complex. This is a seperate issue, not a justifiable business decision.

Remeber there are wannabes out there and they will always be wannabes.

Collapse -

Steaming Mad- This is not McDonald's

by t165 In reply to We in IT are there for th ...

Let's face it in the wake of Sarbanes-Oxley we no lomger have the luxury of simplifying change requests. We now have to document every change that we make and the reason for the change. And to be honest for every request that a user makes whcih it only takes them 2 minutes to complete the form I have put in 20 minutes implementing the change and another 20 minutes documenting the change and its possible effect on the overall network infrastructure. So I refuse to sit there and listen to them whine about having to take 2 minutes to fill out a form. And I also refuse to allow them to have administrative righhts on their boxes as even when they only take down their own systems I will have to spend an hour bringing them back up. That hour in my world is not a billable hour. I have a certain amount of hours each day to accomplish a great deal of work. If that work is not completed I have to connect from home on high speed connection that I pay for out of my own pocket to complete the neccessary work so that I do not become hopelessly backlogged. Computers are given to end users with more applications than the users could ever use with ideal configurations, but in the fast food mentality world everyone thinks that they should have it their way. With no regard as to the time that I have to take away from my family to make it so that they can have it their way. IT departments are stretched to the breaking point already trying to keep computers secure and updated regularly. I know that I am ranting here but I learned the hard way that unless the end user know how to restore his own computer as you will be reloading it if you give administrative authority. And trust me no matter what you say upfront you will also be reapplying their customizations and you will spend a great deal of time trying to recover what you can from their old system, and answering a million tiny little questions that they will pepper you with as they try to find the best way to improve(crash) their system. The only admins who truly just Ghost unconditionally are those who are within a year of retirement and don't care if the ax falls on their heads when their VP can't find his NASCAR bookmark in his favorites.

Collapse -

Are you still alive? It sounds like next stop strokesville

by jeff.reid In reply to Steaming Mad- This is not ...

If you go home at night and log in on a line you pay for to do more work for free you are not that smart. Now don't get me wrong, you may be brilliant, but you are working harder not smarter.

If loging on over high speed is required for your job than the company will pay for it, period. Otherwise you are doing something they don't think is necessary.

You are taking your responsibilities WAY TOO SERIOUSLY. Relax.

Collapse -

We fought that same battle

by coldbrew In reply to Let him have it ...

Our Tech dept fought that same battle. All the brass got what they wanted and we got stuck fixing it. We fixed it but sort of picked and choose who to make examples of. Trying to explain IT to non IT execs is like standing knee deep in gasoline juggling road flares.

Collapse -

Jeff has the right idea

by buschman_007 In reply to Let him have it ...

If you turn this fight into you against him, then if he gets his way and doesn't screw up your IT policy looks like fluff. If you are supportive, don't take it personally, and just advice of the "potential danger" then you can't be wrong. Document everything to prove how right you are

Mike

Collapse -

On the other hand...

by SaintGeorge In reply to Let him have it ...

If you are dealing with a senior exec dumb, er, i meant unreasonable, enough to think he/she knows better than policies, you should be ready to be held accountable for the mayhem he/she might cause, locally or all over your net.

Specially if this is not really an IT-educated person, which is almost always the case. Or even worse, it might be a half-cooked IT-wiz wannabe.

He (why don't English have a neutral pronoun?? I'll say HE but remember, women can be unreasonable too. Not saying that happens often though).

He will never admit it's his mess. Somehow you should have managed things so he could have had administration rights in a completely sealed-off secure environment. After all that is why they are paying you a salary, right?

How to avoid that? No specific way. Each case is different, specially if you don't have higher-powers backing (and that is surely the case, or we wouldn't be discussing this).

I agree. Be ready for damage containmet. But do not, repeat, do not be surprised if instead of Christ Reborn you are treated more like something the cat dragged in. Egos don't like to be proved wrong...

Collapse -

ie. Local Admin

by Valor In reply to Local Admin?

gpartridge@mdi-ltd.com, the issue with the executive being granted Admin rights is that you not only circumvent the IT Policy thus making it worth nothing, but setting a standard of foregoing the policy. Have your dept head setup a meeting with him and the company senior to force them to either support you or let you know where your policy and dept stand in their eyes.
If he cannot provide substantial reasoning to his boss for having admin rights, then it shuts the issue down right there. Thus, it prevents any further heartache or conflict. Trust me, he wont wish to look like an idiot in front of his boss. BTW, dont do all this via email. Make the meeting a face to face meeting.
As far as possible threats, there are many security issues with granting admin rights as most already know. Proprietary company info can be leaked by an untrained Admin making changes to by-pass features of your network security structure. Once he makes changes to his laptop he may inadvertantly cause a virus threat to your network among other things. Educate his boss in order to stop the executive in his tracks.

Collapse -

Playing with fire

by zaferus In reply to ie. Local Admin

I agree 100% with the risks of giving someone Admin rights, but what consolation is it to be right when you've got bad marks on your reputation because you're being badmouthed at exec levels, or worse - if you're in the unemployment line?

I dealt with situations like this when I was doing consulting work, and I would normally try to clear it up by:

1. Business people understand risks. Explain to him that the more changes he makes, the more he could alter the high integrity business standard you have on the systems. Explain the risks to "potential business continuity disruption" - this is where you hit the exec at his primary business function.

i.e.: is he in front of clients? "How could it affect our reputation if the system crashed during an important presentation?" If he does reports "What could be the cost of lost data if the system crashes at an important deadline?" Does he travel a lot? "How are we going to support him if he's down and 400 miles away?" "We value our ability to give good service to everyone here and I'm genuinely concerned that this could affect our ability to continue giving the same quality of services."

2. Explaining the risk of security or lawsuits - "I'm not as concerned about out time, it may be a good excuse to grow the resources of our department, but what could happen if some innocent looking unauthorized software utility installed was exploitable by a hacker and someone stole our company data from the laptop or used it to steal data from our network? What would be the perception from our clients if we had to go back and tell them their personal information may have been compromised? What could that do to our corporate reputation/stocks? What would be the cost of just one incident? Not to mention any potential lawsuit risks?"

3. Explaining the increased cost of support. "We would be happy to give increased rights to these users, but we may require additional support staff to handle the increased support requirements." Maybe even mention to help reduce downtime you need a "spare" system of that type! Or propose using a user based recovery system (like xpoint). Be prepared with some statistics, costs and nice flashy graphs to illustrate your points! Nothing brings this "give me rights" game to a halt faster than showing increased costs without increased benefits to the decision maker!

If the CEO/President says "go" then give it to him and thank him for the time, and get some additional equipment and put an ad on monster.ca for another tech to grow your department - and look at the bright side. My experience is that most likely if you talk to the big cheese in his language (costs and risks) that this will all come to a screeching halt.

Either way - good luck with that! Political problems at the exec level are tricky at the best of times.

Related Discussions

Related Forums