Oh, in my career, this works fine: I tell my boss "WTF is IT smoking, I'm not putting up with this", and my boss says "just ignore it". Don't get the wrong impression, my boss isn't going up the ladder or negotiating with IT: he's just betting that IT lacks either the resources or the power to actually enforce the policy, and is willing to take the heat if he's wrong. Then your boss is part of the problem and your IT department is incompetent. All the tools needed to monitor and lock down a network are freely available.
IT makes arbitrary decisions to make their job easier with no concern for how it will hurt users, because that's easy. Your IT deparment might do that, but we've already established that they're incompetent. IT decisions should never be arbitrary. I'm lazy, if I don't have a reason to do something I don't do it.
Never is a cost-benefit analysis done. Wow! Perhaps your entire company is incompetent. I have to justify everything that I do and I can....of course I also work closely with the people I support in an effort to balance security, organization and freedom.
making the "create the product" job harder in order to make the "overhead" job easier is not the path to success. So you aren't able to communicate your needs to your management or abide by their directions?
I'm curious how you generate revenue. Most IT departments these days are contracted out I wouldn't say most.
so of course they generate revenue for the contract company, but I doubt that's what you meant. No, I think consulting is a four letter word. In my experience contracted IT means someone comes in, does a half-assed job with no regard for the future, collects their money and leaves. I'm sure there must be good IT outsourcers out there but I have yet to work with one.
Perhaps you decrease operating costs, and thereby increase the bottom line? TCO/ROI is all part of it but I also design and put custom systems in place to satisfy the needs of my company's clients.
It would have just been too hard to be a decent person and give time to copy the stuff off.
But no, he signed his employee contract, so it's ok to be a dick as long as a piece of paper says you are right.
You are everything that is wrong with the world today. No, I'm afraid that would be you.
You don't take responsibility for your own actions and you blame the concequences on some one else.
For ever sinlge person that thinks it's okay to store 30gig of non-work related data on a network there are 100 others that think the same thing.
I'm sure you can do the math to figure out how much disk space is being wasted at that point.
Factor in that that data is hitting my tapes. Factor in that that data is being replicated to an off-site SAN that charges by the gig for storage and the bandwidth to transfer it isn't free either. Factor in that you're wasting my time.
That even disregards your comment that this was so bad that you think someone should be terminated, possibly seriously affecting their life. In most cases I would simply delete the data and let the person know that they shouldn't store personal data on the server... but yes, I have put three people out of their jobs in the last year for violating company policy.
So I guess I'm a dick and so is every managemnet person I work with up to the CEO who approved the terminations.
Why don't you do the world a favor and note that you violate company policy and waste company resources on your resume?
So basically what you're saying is that at every major place you've worked at, you've had an idiot. You know what, we've all had a few of those, ...and those idiots, simply by their actions, had the ability to directly affect every aspect of your job every day to the point of directing your actions, priorities, policies and budgets?
and for some of us, some of those idiots were in the IT department. Oh, don't get me wrong, I'm no fan of the majority of IT people myself.
You ask why I should be treated differently? I am under the assumption that they hired me for my specialty, and that I have a base knowledge of what I'm doing. ...and the members of IT shouldn't be working under the same assumption and treated with the same amount of respect you expect?
If the IT department fails to give me to tools I need, how am I suppose to be effective? The IT department isn't responsible for giving you tools... YOU are responsible for requesting and justifying the tools you believe you need and getting them okayed by your company's management.
I'm advocating tiered access. You can't just blanket a development shop with a business area and hope everyone will be happy. We have different needs and technical expertise. What is a development shop supposed to do with a base installation? You can't develop things using a text editor. And you definitely can't develop web applications if you can't setup a web server somewhere. Nor can you submit change requests to IT everytime a small setting needs to be changed. I completely agree... and there should be policy and procedure in place that allows for that. "IT said I couldn't, so I did it anyway" is no way to run a business.
My current development team, in fact, has complete control over their development servers... and the complete responsibility for what they do to them.
Believe it or not when they occasionally screw something up I even help out to fix it.
IT department can't just lock things up and say, "Well, we did our job, the system is locked up tight, nothing will go wrong."
All they've really done is lock up the place, and prevent any legitimate work from taking place. Granted, your job is done, but at the expense of everyone else's job. Again, I agree. But "I do what I want and screw them" is not how you fix that issue. Doesn't your company have any managers?
Sure, I wouldn't want an IT guy changing the development I'm working on, but at the same time, I wouldn't release an application to a client with the system locked and unable to accomplish what it was initially intended to do. Nor would I... but that's not the point.
As an IT guy I can't answer a question I wasn't asked... and if I was asked and said no then you go up the food chain to someone you think might give you the answer you want. I assume there's at least one person of authority in your company whose orders you would follow if they gave you one?
Wow! The IT doesn't generate revenue argument... how unoriginal and the reason that developers have the reputation of being prima donnas. I assure you, I generate revenue... and I have the paperwork to prove it.
It's very few people that would suggest that asking a question of management and then respecting their answer is outside of their job responsibilities... or, at least, it should be.
I don't feel the need to take responsibility for having to dig chocolate cake out of a DVD ROM Drive... but was asked to.
I don't feel the need to take the responsibility for being asked to diagnose a machine that won't boot up that smells UNMISTAKEABLY like cat urine... but was asked to.
I don't feel the need to explain why I deleted your iTunes directory off of my server that was taking up 30gigs of storage space... but was asked to.
I'll be the first to tell you that about 80% of the people that work IT these days have no business doing the job, but there's good reason that even some of the good ones are more than a bit on edge from time to time.
Well, this rogue moron has to install stuff on his own, because our IT support department treats the development teams as if we don't know what we're doing, and applies the same policies for business users to us. At one of the MAJOR development houses I worked for, when asked by the marketing department for a snippet of code to use as ART to put on the box of a retail software product, the developer gave the marketing department code that would have allowed anyone in the world to log into our software development R&D server as administrator over the internet (with addresses, username and password included)... and yes, it made it onto the box and was sitting on the shelves of every major software retail shop in the free world.
At another we caught one of our development managers selling trade secrets to our competition.
At another I watched an engineer smoke a computer and an O-scope because he didn't know the difference between black and white.
So... why should you be treated any different?...and even if YOU should be treated different who's to say the guy sitting next to you should be?
How can I be expected to do my work, if I can't even install an IDE, because it doesn't fit the standard image they have? That's a matter to be discussed through proper channels isn't it? You wouldn't want an IT guy changing what you're working on without telling you would you?
Which brings us to the inevitable, if unfortunate, conclusion of the problem:
"We" are left to impose a limit on that set of variables.
As the administrator that has complete power over every aspect of the network it's my responsibility to manage, any and all efforts I make to maintain security, maintain order and prevent end-users from violating company policy are justified no matter how draconian they are....and the end-users suffer even more frustration over restrictions.
Instead I think IT departments should listen harder to what their users are saying and make every reasonable effort to relieve frustrations.
This is unquestionably true. A large part of my job is to facilitate the productivity of my company's employees....and for the record I have always made an UNREASONABLE effort to do just that at the cost of sleep, health and sanity.
If they simply let us set up an internal Jabber network, with full logging and no connections outside the intranet, my team would have been very happy.
Keeping in mind the amount of people who are constantly screaming in their ears every minute of every day I'd have to say no, it's simply not simple.
Let me ask you this: you install your (insert non-IT overseen project here), it's perfect, works great because you manage it well and costs the IT department nothing. It works so well it becomes mission critical.
You get promoted, get a new job... or get fired.
Now the system you set up with no help or oversight from the IT department is dropped in the laps of the IT department who were never given the budget, resources, man-power or time to take on the project in the first place.
So... you have now backended a project onto the top of the IT depratment's priorities that is going to sap time, money and resources from other projects without having to go through any of the trouble that your IT departmnet has to go through to justify every decision they make and every dollar they spend.
(People wonder why IT employees are always pissed off.)
How does that have no impact?
(Sounds a bit like I've had to deal with this sort of thing more than once doesn't it?)
Except that in most cases YOU just hindered the technoplogy of the whole company because you took it upon yourself to work outside of what the IT department had planned and now they are wasting their time cleaning up what you did instead of working on what they are supposed to be working on. What cleanup? What hinderance? The administrators never found out about it. It was safe, encrypted, and used a very tiny amount of bandwidth. I agree it was "wrong" but it relieved a lot of frustration at zero expense to anyone. ...and that's the problem: YOU are not the person qualified or more importantly RESPONSIBLE to make that decision on a company wide basis. If you aren't in IT you were not involved in the decisions made with the company management that decide the course of the company.
Because they don't know, for all you know you've opened up a massive security hole that you know nothing about.
How 'bout putting in a request and maybe getting the real story from one of your IT guys about why IM isn't their highest priority? Why do you assume I didn't officially request IM? I did and was flat denied. My boss and his boss asked that we get IM and were also denied. We were told the risk of getting a virus over IM was too great. They even refused to let us set up and administer our own internal Jabber server. Even though it wouldn't be open to the internet they still refused. Because you didn't mention that you did.
So then you ask the question of someone whom the IT management reports.
Do you and your boss make it a habit of arrogantly violating company policy?
Where I work we are requied to STRICTLY adhere to a large set of FCC, FTC, SEC and PCI rules... but you go ahead and take it upon yourself to get the company sued and in trouble with the federal government. This was a company registered and monitored by the SEC. I was trained in SOX compliance. Since at no time did any of us use IM to communicate with a client, and our messages were encrypted, we remained in full compliance. That may be true for your case... I'd love to be able to trust end-users, but if you've ever worked in corporate IT you know that it's very rare that you can.
Even with that said... you know you violated company policy and still see nothing wrong with that. So why sould the person who isn't as tech savy as you may be care any more than you do?
The point is don't hinder technology for a whole company only because you're afraid one ignorant user will bring in a virus. If power users want something, it's typically because it'll make them better at their job. Figure out a way to let them have it.
Except that in most cases YOU just hindered the technoplogy of the whole company because you took it upon yourself to work outside of what the IT department had planned and now they are wasting their time cleaning up what you did instead of working on what they are supposed to be working on.
How 'bout putting in a request and maybe getting the real story from one of your IT guys about why IM isn't their highest priority?
Where I work we are requied to STRICTLY adhere to a large set of FCC, FTC, SEC and PCI rules... but you go ahead and take it upon yourself to get the company sued and in trouble with the federal government.
You might as well... it's not like we're getting paid extra for doing everyone elses work.
I can tell you just how much we love having rouge morons installing crap without any planning and then having that crap land in our laps.
Any company that thinks they don't need an organized IT department that has control over the systems the company uses should try having no upper management for a while and see how that works out.
He wants to know, generically, how you decide that what you're using is the wrong choice.
When the consultant your boss hired, for four times the rate the programmer that created the system was being paid, who quit becasue he wasn't getting paid enough, tells you that Microsoft, C# and.NET are the best tools for the job becasue that's the only technology he's ever used and what he's being paid to schlep.
My Charter service does the same thing. Leave it to a bunch of marketing nimrods to disable a troubleshooting tool so you can't tell the difference between a page not found, site not found or DNS error.
So... I simply blacklisted Charter's redirection site in my firewall and proxy server.
You're assuming that the engineering and/or programming department bothered to tell the I.T. department anything about the project they're working on that might cause a future load.
Sysadmin == Always the last to know (often after something's been in production for a month or two and is starting to fail), when he/she should have been the first.
Windows has a POSIX subsystem which is 100% compliant. One can make full use of it using Windows Services for Unix. It even has device files (unlike OS X) and even handles signaling correctly (unlike OS X), plus it takes POSIX code from HP/UX, Solaris, Linux and appears to compile them fine.
Yeah... I've used it, or had the unfortunate need to use it, I guess I should say. It worked okay, sort of, most of the time. They used to charge and arm and a leg for it. It's nice that they make it available free of charge now.
I'm not a Windows advocate, or any particular OS advocate. Just be careful what you wish for -- You might just get it.:)
MS did write a custom version of NT3.51 that was 100% POSIX compliant for DEC (I think it was) but they never made it available to the public.
Any Unix like, POSIX compliant* operating system is welcome as far as I'm concerned.
As soon as OSX is able to run on my non-Mac platform, has a proven track record of stability and performance in a production environment and is free I might just start using it myself.
No kidding... I sure hope it isn't going to be a product that runs under Windows becasue most of my frustration is caused by Windows not working properly.
Slashdot Mirror
All the tools needed to monitor and lock down a network are freely available. IT makes arbitrary decisions to make their job easier with no concern for how it will hurt users, because that's easy. Your IT deparment might do that, but we've already established that they're incompetent.
IT decisions should never be arbitrary. I'm lazy, if I don't have a reason to do something I don't do it. Never is a cost-benefit analysis done. Wow! Perhaps your entire company is incompetent.
I have to justify everything that I do and I can.
Doesn't sound like the issue is with IT to me.
But no, he signed his employee contract, so it's ok to be a dick as long as a piece of paper says you are right.
You are everything that is wrong with the world today. No, I'm afraid that would be you.
You don't take responsibility for your own actions and you blame the concequences on some one else.
For ever sinlge person that thinks it's okay to store 30gig of non-work related data on a network there are 100 others that think the same thing.
I'm sure you can do the math to figure out how much disk space is being wasted at that point.
Factor in that that data is hitting my tapes. Factor in that that data is being replicated to an off-site SAN that charges by the gig for storage and the bandwidth to transfer it isn't free either. Factor in that you're wasting my time. That even disregards your comment that this was so bad that you think someone should be terminated, possibly seriously affecting their life. In most cases I would simply delete the data and let the person know that they shouldn't store personal data on the server... but yes, I have put three people out of their jobs in the last year for violating company policy.
So I guess I'm a dick and so is every managemnet person I work with up to the CEO who approved the terminations.
Why don't you do the world a favor and note that you violate company policy and waste company resources on your resume?
Because it's my company's storage space and "you" signed a document when "you" got hired outlining, in detail, the acceptable use policy.
The real question is why didn't I have "you" summarily terminated as well.
My current development team, in fact, has complete control over their development servers... and the complete responsibility for what they do to them.
Believe it or not when they occasionally screw something up I even help out to fix it. IT department can't just lock things up and say, "Well, we did our job, the system is locked up tight, nothing will go wrong."
All they've really done is lock up the place, and prevent any legitimate work from taking place. Granted, your job is done, but at the expense of everyone else's job. Again, I agree. But "I do what I want and screw them" is not how you fix that issue. Doesn't your company have any managers? Sure, I wouldn't want an IT guy changing the development I'm working on, but at the same time, I wouldn't release an application to a client with the system locked and unable to accomplish what it was initially intended to do. Nor would I... but that's not the point.
As an IT guy I can't answer a question I wasn't asked... and if I was asked and said no then you go up the food chain to someone you think might give you the answer you want. I assume there's at least one person of authority in your company whose orders you would follow if they gave you one?
Wow! The IT doesn't generate revenue argument... how unoriginal and the reason that developers have the reputation of being prima donnas. I assure you, I generate revenue... and I have the paperwork to prove it.
It's very few people that would suggest that asking a question of management and then respecting their answer is outside of their job responsibilities... or, at least, it should be.
I don't feel the need to take responsibility for having to dig chocolate cake out of a DVD ROM Drive... but was asked to.
I don't feel the need to take the responsibility for being asked to diagnose a machine that won't boot up that smells UNMISTAKEABLY like cat urine... but was asked to.
I don't feel the need to explain why I deleted your iTunes directory off of my server that was taking up 30gigs of storage space... but was asked to.
I'll be the first to tell you that about 80% of the people that work IT these days have no business doing the job, but there's good reason that even some of the good ones are more than a bit on edge from time to time.
(What is it, bash IT day?)
At another we caught one of our development managers selling trade secrets to our competition.
At another I watched an engineer smoke a computer and an O-scope because he didn't know the difference between black and white.
So... why should you be treated any different?
Which brings us to the inevitable, if unfortunate, conclusion of the problem:
...and the end-users suffer even more frustration over restrictions.
"We" are left to impose a limit on that set of variables.
As the administrator that has complete power over every aspect of the network it's my responsibility to manage, any and all efforts I make to maintain security, maintain order and prevent end-users from violating company policy are justified no matter how draconian they are.
Instead I think IT departments should listen harder to what their users are saying and make every reasonable effort to relieve frustrations.
...and for the record I have always made an UNREASONABLE effort to do just that at the cost of sleep, health and sanity.
This is unquestionably true. A large part of my job is to facilitate the productivity of my company's employees.
If they simply let us set up an internal Jabber network, with full logging and no connections outside the intranet, my team would have been very happy.
Keeping in mind the amount of people who are constantly screaming in their ears every minute of every day I'd have to say no, it's simply not simple.
Let me ask you this: you install your (insert non-IT overseen project here), it's perfect, works great because you manage it well and costs the IT department nothing. It works so well it becomes mission critical.
You get promoted, get a new job... or get fired.
Now the system you set up with no help or oversight from the IT department is dropped in the laps of the IT department who were never given the budget, resources, man-power or time to take on the project in the first place.
So... you have now backended a project onto the top of the IT depratment's priorities that is going to sap time, money and resources from other projects without having to go through any of the trouble that your IT departmnet has to go through to justify every decision they make and every dollar they spend.
(People wonder why IT employees are always pissed off.)
How does that have no impact?
(Sounds a bit like I've had to deal with this sort of thing more than once doesn't it?)
Because they don't know, for all you know you've opened up a massive security hole that you know nothing about. How 'bout putting in a request and maybe getting the real story from one of your IT guys about why IM isn't their highest priority? Why do you assume I didn't officially request IM? I did and was flat denied. My boss and his boss asked that we get IM and were also denied. We were told the risk of getting a virus over IM was too great. They even refused to let us set up and administer our own internal Jabber server. Even though it wouldn't be open to the internet they still refused. Because you didn't mention that you did.
So then you ask the question of someone whom the IT management reports.
Do you and your boss make it a habit of arrogantly violating company policy? Where I work we are requied to STRICTLY adhere to a large set of FCC, FTC, SEC and PCI rules... but you go ahead and take it upon yourself to get the company sued and in trouble with the federal government. This was a company registered and monitored by the SEC. I was trained in SOX compliance. Since at no time did any of us use IM to communicate with a client, and our messages were encrypted, we remained in full compliance. That may be true for your case... I'd love to be able to trust end-users, but if you've ever worked in corporate IT you know that it's very rare that you can.
Even with that said... you know you violated company policy and still see nothing wrong with that. So why sould the person who isn't as tech savy as you may be care any more than you do?
The point is don't hinder technology for a whole company only because you're afraid one ignorant user will bring in a virus. If power users want something, it's typically because it'll make them better at their job. Figure out a way to let them have it.
Except that in most cases YOU just hindered the technoplogy of the whole company because you took it upon yourself to work outside of what the IT department had planned and now they are wasting their time cleaning up what you did instead of working on what they are supposed to be working on.
How 'bout putting in a request and maybe getting the real story from one of your IT guys about why IM isn't their highest priority?
Where I work we are requied to STRICTLY adhere to a large set of FCC, FTC, SEC and PCI rules... but you go ahead and take it upon yourself to get the company sued and in trouble with the federal government.
You might as well... it's not like we're getting paid extra for doing everyone elses work.
I can tell you just how much we love having rouge morons installing crap without any planning and then having that crap land in our laps.
Any company that thinks they don't need an organized IT department that has control over the systems the company uses should try having no upper management for a while and see how that works out.
In a perfect world this would actually work.
Yeah... if end-users weren't complete idiots.
Time between installing a new, clean system and the first piece of spyware installed by an end user: ~15 minutes.
He wants to know, generically, how you decide that what you're using is the wrong choice.
.NET are the best tools for the job becasue that's the only technology he's ever used and what he's being paid to schlep.
When the consultant your boss hired, for four times the rate the programmer that created the system was being paid, who quit becasue he wasn't getting paid enough, tells you that Microsoft, C# and
My Charter service does the same thing. Leave it to a bunch of marketing nimrods to disable a troubleshooting tool so you can't tell the difference between a page not found, site not found or DNS error.
So... I simply blacklisted Charter's redirection site in my firewall and proxy server.
Beat me to it.
"Have you seen this boy?"
The original Castle Wolfenstein.
Achtung! Damn exploding treasure chests.
http://en.wikipedia.org/wiki/Castle_Wolfenstein
Yep... so much for equal protection under the law and the 4th amendment.
I find it amusing that they've excluded anyone that might have experienced the Nazis first hand.
You're assuming that the engineering and/or programming department bothered to tell the I.T. department anything about the project they're working on that might cause a future load.
Sysadmin == Always the last to know (often after something's been in production for a month or two and is starting to fail), when he/she should have been the first.
We can't fix what we don't know about.
Like "good".
Windows has a POSIX subsystem which is 100% compliant. One can make full use of it using Windows Services for Unix. It even has device files (unlike OS X) and even handles signaling correctly (unlike OS X), plus it takes POSIX code from HP/UX, Solaris, Linux and appears to compile them fine.
:)
Yeah... I've used it, or had the unfortunate need to use it, I guess I should say. It worked okay, sort of, most of the time. They used to charge and arm and a leg for it. It's nice that they make it available free of charge now.
I'm not a Windows advocate, or any particular OS advocate. Just be careful what you wish for -- You might just get it.
MS did write a custom version of NT3.51 that was 100% POSIX compliant for DEC (I think it was) but they never made it available to the public.
...or, at least, close enough.
Any Unix like, POSIX compliant* operating system is welcome as far as I'm concerned.
As soon as OSX is able to run on my non-Mac platform, has a proven track record of stability and performance in a production environment and is free I might just start using it myself.
No kidding... I sure hope it isn't going to be a product that runs under Windows becasue most of my frustration is caused by Windows not working properly.