On Thu, Jan 20, 2011 at 6:29 PM, Giles Coochey <giles at coochey.net> wrote: > On 20/01/2011 17:11, Rudi Ahlers wrote: >> >> The message I'm trying to bring across is that users in the company >> shouldn't have passwords which admin doesn't know, or can't access. >> The PC's and data, well at least in our company, is the property of >> the company. Making it more difficult for an engineer to gain access >> to a user's PC automatically arises suspicion >> > > Hi Rudi, > > Your stance on this is counter-intuitive to me, are you able to cite any > good reference which recommends that administrators know user passwords? > > -- No, I can't. But I've been running a hosting & development company for 9 years now and this is the first problem I get out of the way right on the first day of an employees job. I'm personally involved in the accounts department (when I actually get time) since I want to know what goes on in my company. I also work close with the developers when needed. We trust everyone in the office, and being it an open-plan office, it's easy to see if someone is at someone else's desk when they're not supposed to be. Staff logoff and shutdown every night, so that's not an issue. But, it is a big issue when a staff member goes on leave, or even just on lunch and switch-off their cellphones and I can't get hold of them to get a password to login to a PC if I need to. The account PC, for that matter is encrypted, with no network access so one needs to be in front if it to access the data. User accounts also doesn't mean much to me. I know how it sounds, but I care more about the data than the user's account. As long as I can access whatever I want, whenever I want. -- Kind Regards Rudi Ahlers SoftDux Website: http://www.SoftDux.com Technical Blog: http://Blog.SoftDux.com Office: 087 805 9573 Cell: 082 554 7532