On Thu, Jan 20, 2011 at 6:44 PM, Tom H <tomh0665 at gmail.com> wrote: > > You clearly work in an insecure environment. By who's definition? The fact that you're PC is connected to the internet place you in the same environment :) > No one should have access to anyone else's login. I have no admin > privileges over my desktop. If I need something installed or > uninstalled, I have to ask the Windows desktop support team who'll > access my box remotely after I accept their request to a access my box > in a popup on my screen. Of course, the Windows server support team > can access my roaming profile on their boxes but (I presume since this > is what we do and I don't know any of them to ask them) they'd have to > justify that acess. Yes, IT staff on a Windows Domain can access everyone's accounts, without their passwords or consent. Does it make it more secure? Yes. And No. IT staff can go rouge as well, just bear that in mind. Reminds me of a previous company I used to work for many years ago. Some of the IT admin scanned all incoming mail, especially if they contained any attachments. They casually copied whatever attachments they wanted to their own desktops, which was more often move clips, cracked games, music, pr0n, etc. Do you think management knew about this? Nope. Is it less safe than your environment? Really? Can you honestly tell me this doesn't happen in your company? > > There's absolutely no reason to "access a PC of a staff member who is > busy", that's terrible practice; and there's absolutely no way that > anyone should know anyone else's password (a punishable violation of > IT policy in our environment). True, and that's not what I said either. Both the OP and I am trying to say that sometimes you need to get onto a PC when the user is not actually there. And it's quite clear that all company's policies differ. Probably for a good reason since what works for one company doesn't work for another company. IF, on the other hand I worked at a financial institution or something like that then the security would have been more strict. I don't see the need for it in our office. -- Kind Regards Rudi Ahlers SoftDux Website: http://www.SoftDux.com Technical Blog: http://Blog.SoftDux.com Office: 087 805 9573 Cell: 082 554 7532