Slashdot Mirror


IT Practice Within Microsoft

SilentChris writes "Good article over at CNet regarding Microsoft's internal IT practices. Some intriguing statements from the CIO, from the obvious ('It's an easy choice for me--to run Microsoft technology. We don't run Unix. We don't run Linux. We don't run Oracle.') to the not-so-obvious ('Our users are the admins of their machines. They can load whatever software they want on their machines, but we do audit the network continuously.') I wonder how much time is spent combatting spyware?"

17 of 508 comments (clear)

  1. No wonder they're laggin behind... by Folmer · · Score: 4, Insightful

    I thought that it was normal corporate behaviour to look at their competitors. Long time ago there was a story here on /. where one of the lead devs of IE admitted that he ran firefox. But when this guy doesnt run *nix and oracle, how should he be able to compete with them?

    1. Re:No wonder they're laggin behind... by ERJ · · Score: 5, Insightful

      Eh, this is talking about their IT infrastructure. It would look pretty bad if it was based on unix servers and oracle databases.

      I'll bet you anything that they have unix servers and oracles databases for comparison purposes though.

    2. Re:No wonder they're laggin behind... by fitten · · Score: 5, Insightful

      Maybe because this is the company's internal IT practices, basically what they do to run their shop. He isn't talking about the product strategy groups who go off and do exactly what you are saying.

  2. No, that one is obvious too by PhysicsGenius · · Score: 5, Insightful
    Our users are the admins of their machines. They can load whatever software they want...

    That's the only way to run a network of computer-savvy users. Imagine a metalworking shop that wouldn't let the machinists adjust their own wrenches. You'd have to put a call-ticket in to "Tool Technology Support" and after a few hours (if you are lucky) or days (if you aren't) some kid comes over who doesn't know anything and tries to adjust your hammer.

    1. Re:No, that one is obvious too by Doctor+Crumb · · Score: 3, Insightful

      Most programmers are not sysadmins. A better analogy would be a metalworking shop that wouldn't let the truck driver adjust the wrenches. He may or may not be qualified to do it, but it's not his job.

      If you are one of those rare programmers with sysadmin skills, get a job as a sysadmin and you will quickly learn that most users should not be let anywhere near a computer, let alone given admin.

    2. Re:No, that one is obvious too by IceFox · · Score: 3, Insightful

      It all make sense!

      So this is why users in the real world need admin! Until internally they force their developers to only use user account there will always be problems. As a developer I can bet you that if I always have admin I will take the shortcut and not bother making sure it works 100% if I run it as a user that has no admin right. I always wondered why so many of their apps (MS Word needs write access to win32/ ???) require that you let them touch (not just read) files outside of your home directory. Know I know.

      Well I am happy. With this knowledge I know that Longhorn wont force users to only write to home directories like in Unix/Linux and virus's/bugs/spyware will continue to exists and they will only cause their Microsoft own downfall. This was the only feature that I figured would save Microsoft.

      -Benjamin Meyer

      --
      Do you changes clothes while making the "chee-chee-cha-cha-choh" transformation sound?
    3. Re:No, that one is obvious too by Stradivarius · · Score: 3, Insightful

      A closer analogy would be that the machinist has a better wrench out in his truck but isn't allowed to just bring it in the building and use it. First he must put in a call-ticket, then hope that the helpdesk is willing to send somebody out to his truck, carry the new wrench inside, and put it in his working area. Because "it's not the machinist's job" to do that stuff.

      The point is that centralizing common and simple tasks wastes everyone's time - the support guy and machinist alike.

      Helpdesk is probably understaffed, and almost certainly has (at least from their perspective) more important things to do. Meanwhile, the machinist is stuck with an inferior tool until he can work the bureaucracy to get the new wrench in.

      The company loses too because it's using inferior tools, simply because the guys who use them aren't empowered to change their work environment.

      And not only is it extraordinarily difficult to bring in new but known-to-be-better tools (sometimes even free ones!), but forget trying to experiment with a tool to find out if it's better. Try convincing an overworked support guy that you really need this application installed because you want to try it out. You'll see snowballs in hell before that tool gets installed. Not through any fault of the support guy - he's just being rational and allocating his limited time to higher priorities. But the system is clearly flawed.

      In contrast, if the developer could admin his own machine, he could install something, try it out, and if it's helpful other developers could start using it too.

      Now is it possible that the developer could accidentally install malware if he has admin? Sure. But that's why Microsoft monitors their network - they can catch and correct mistakes that happen. They no longer handicap the developers, and IT doesn't have to babysit on simple things like application installs. The company reaps the productivity awards accordingly.

      Car manufacturers and other corporations learned years ago that giving the person closest to the problem the power to solve it lets them avoid bottlenecks and reap massive productivity gains. Somehow, the conventional wisdom on IT management hasn't quite caught up yet with the rest of the management world.

  3. We don't run Unix. We don't run Linux. by Zocalo · · Score: 4, Insightful

    So, if "We don't run Unix. We don't run Linux.", then WTF did Microsoft feel the need to pay SCO all those millions of dollars for UNIX licenses? Unless, of course, the money actually came out of the "Marketing/FUD" budget instead the "Software Licenses" budget...

    --
    UNIX? They're not even circumcised! Savages!
  4. Software company, not bozos by dazedNconfuzed · · Score: 5, Insightful
    ('Our users are the admins of their machines. They can load whatever software they want on their machines, but we do audit the network continuously.') I wonder how much time is spent combatting spyware?"


    Pardon me for standing up for them, but ... it's MICROSOFT. They have a lot of smart talented software engineers who are just as capable of administrating their own computers as those writing for /. - and whatever is missed, like some spyware, gets picked up by the continuous network audit.


    Peeves me off when the people writing the software are not trusted to administrate their own computer which they are writing software for (or some equivalent thereto). What's with this growing American sentiment that nobody should be trusted with tools, that only someone special should be (without noting the perversity that if nobody can be trusted, then nobody can be trusted)?

    --
    Can we get a "-1 Wrong" moderation option?
  5. No *nix? by anderiv · · Score: 4, Insightful

    We don't run Unix. We don't run Linux. We don't run Oracle. We're 100 percent Windows, SQL Server.

    That makes for a great testing environment for Windows Services for UNIX, huh?

  6. Best practices by RealProgrammer · · Score: 3, Insightful

    With every user at MS an Administrator of their own machine, it's no wonder that it's so hard to implement any other security model using Windows.

    I hope some of those users are smart enough to give themselves a luser account and run under it ... but wait, that doesn't work well in an enterprise using Active Directory, does it?

    Maybe they have an enforced policy of using anti-spyware and anti-virus software ... but Microsoft doesn't make any.

    Maybe they have extensive training classes with stock options going to those who don't spread viruses (sort of like those "accident free days" campaigns you see at some companies). But wait, no one wants their stock any more ...

    Oh well, they're Microsoft -- they must know what they're doing.

    --
    sigs, as if you care.
  7. A Sound Knee-Jerk Reaction by EXTomar · · Score: 4, Insightful

    The people often bitten the worst by Spyware/Malware are very smart, very computer savy people. The problem is they don't realize all of the tricks that they will use to get onto your system. Besides, it can't happen to them! Many times people will recognize they've been bitten right away by an accident misclick but by then its too late.

    So while people might not be idiots, most should never be trusted with elevated privilages. But Windows does give you an option (or they are very painful) so load up the maintaince costs with all sorts of software and network monitoring because MS refuses to learn lessons painfully realized 20 years ago.

    For the love of all that is good and holy, I wish MS would abandon certain technologies (Active X hosting in application frameworks), I wish MS would stop requiring user level tasks with elevated privilages, and I wish people would stop making excuses for MS. Reinstalling from a backup image is not the proper way to fix problems on a platform that is supposed to be "enterprise enabled".

  8. Re:From the article by Twanfox · · Score: 4, Insightful

    One big thing I heard comes from Oracle. Oracle (the company) runs Oracle (the database). It was a mandate put down from on high and seems to make at least a modest amount of sense.

    Think of it this way. The biggest way that you figure out that something should be tweaked is if you are the user of the system. Those admins that never use the systems that they deploy and work on have quite a big harder a time trying to understand just what the program is trying to do, and what to do about it when it fails. To add to that, they never come across bad quirks that noone mentions because they're just that, quirks. It doesn't cause the system to fail or halt or mangle any data, but it sure is annoying when it does it.

    To live and die by your own software is not a bad thing. It gives you not only the developer's perspective of design and impliment a solution, but also allows you to see whether or not what you made is actually useful. Don't read too much into this post, like I support Microsoft totally (they can be quite an ass of a company), but the mentality is sound and used in more companies than just Microsoft.

  9. How can you compare without use? by SuperKendall · · Score: 3, Insightful

    I'll bet you anything that they have unix servers and oracles databases for comparison purposes though.

    Probably they do, but how mcuh real comparison can you do without running production systems? It could be just a small piece, but to ignore what it's like to maintain other products in production is short-sighted, I would say.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  10. The problem is that many savvy users aren't by Sycraft-fu · · Score: 5, Insightful

    I work for an Electrical and Computer Engineering department. Now one would think that the Computer Engineers at least would be competent. Well, not so much actually. Most of them are... how to put this... MORONS when it comes to computers.

    We have a Internet Technologies Lab. This is the lab where they study networking and so on. These are the engineers taht study this, they have degrees in this. However they have the most piss poor understanding of network fundimentals and security I've ever seen. They get boxes hacked all the time, they continually have problems with simple things like getting their subnet set correctly, and if their switch goes down plugging it in is too complecated a concept.

    Just because somone works ina computer related field, doesn't mean they are good at the support end of computers. I'd like to think that programmers and engineers ought to know enough to avoid spyware and such, but I know from experience that's not the case. Just because they can write good code doesn't mean they are good system administrators.

  11. Re:WTF? CIO implies little talent here in USA? by Tet · · Score: 3, Insightful
    There are (supposedly) a gazillion out of work or underemployed computer scientists. The idea that they can't find what they want here in the states is just preposterous.

    A gazillion out of work and a gazillion that I'd want to employ are two very different things. I have a hard enough time recruiting for a department of 15, let alone trying to do it at the sort of scale he's talking about. The truth is that Sturgeon's Law holds just as well for IT staff as for anything else. In fact, if my experiences are anything to go by, he was being optimistic...

    --
    "The invisible and the non-existent look very much alike." -- Delos B. McKown
  12. Re:Totally Incoherent Answers by Jester99 · · Score: 4, Insightful

    Obligatory rant here...how do they know it's the best product if they never run anything non-microsoft.

    The point is they're eating their own dogfood. They may not have the absolute best product in the world, but it does everything they need it to do. If the only way to get feature X is to install Oracle WhizBangPro 5.0, they refuse to do it: they just write that feature into their own software. And thus, their software has all the features they need.

    Given that the IT needs of Microsoft probably rival or surpass almost any other organization, I'd say that probably qualifies their products as at the very least among the best.