On Thu, Jan 20, 2011 at 3:47 PM, Jerry Franz jfranz@freerun.com wrote:
On 01/20/2011 02:55 AM, Rudi Ahlers wrote:
I don't agree with that, sorry.
A few years ago one of our staff members decided his salary isn't good enough so he started a side-line business, on our company time. He stole some of our client's data (contact details, emails, and even contracts) and sold it to 3rd parties. This went on for about 6 months before we actually realized what was going on.
Needless to say, he was fined heavily and sent to jail for 3 years. So, I don't care if you feel the PC is your's, as long as it's a company PC, with company data and company property, we will take a look at the data on it.
I'm not talking about your home / private PC, that's an altogether different story.
You are talking completely different issues. Allowing anyone walking past a machine to sit down and do whatever they want (which is stupid) is not in the least the same as having administrative access and auditing by IT (which is smart).
If you don't have full administrative access to the machine *independent* of people's day-to-day login accounts you are doing it wrong and need to hire a competent IT admin - because your current one doesn't know what heck they are doing.
-- Benjamin Franz _______________________________________________
Benjamin, I'm sorry to say this, but you're wrong!
Now, since we're doing the name-calling thing, let's get that out of the way.
Sometimes you need to access a PC of a staff member who is busy with something right now. And I'm not talking about administrative access. Sure, I can access any PC via root login, and frankly for that matter I can also reset any user's password via root login.
The message I'm trying to bring across is that users in the company shouldn't have passwords which admin doesn't know, or can't access. The PC's and data, well at least in our company, is the property of the company. Making it more difficult for an engineer to gain access to a user's PC automatically arises suspicion