At our place (consutling shop, mostly laptops) we used to have a common "lock-down" policy in place.
Read: Don't install anything not approved. If you happen to enjoy it you are breaking the rules.
Unfortunatly due to the natur of our business this is counter-productive. No choice - nothings gets done. Projects/clients have requirements that are simply ignored by central IT. So there was a constant bending of the rules. It also falls short of malware. Nobody installs "evil software" on purpose. And virus scanners are not a viable prtection against root-kits.
We have turned this upside down. You can use whatever. Macs PCs. You can use whatever software. BUT you have to make sure that some best practices are being followed. Of course you have to run firewall and that (we provide these). You have to follow US-CERT alerts (everyone gets those through mail). Install all patches that are required for _your_ kit. If in doubt, talk to central IT. If an employee is willing to "sign" this he/she get's almost card blanche. Otherwise you will be stuck with office and Solitaire. Guess what people go for.
Grain of salt: All the people that are allowed to join this program are tech consultants.
I seriously doubt that they will get away with this.
If it's 6% of the traffic on./ then it's a measurable cost. I think one can spin that as a DDoS so just sue them. Or send at least a lovely cease & desist.
Slashdot Mirror
At our place (consutling shop, mostly laptops) we used to have a common "lock-down" policy in place. Read: Don't install anything not approved. If you happen to enjoy it you are breaking the rules. Unfortunatly due to the natur of our business this is counter-productive. No choice - nothings gets done. Projects/clients have requirements that are simply ignored by central IT. So there was a constant bending of the rules. It also falls short of malware. Nobody installs "evil software" on purpose. And virus scanners are not a viable prtection against root-kits. We have turned this upside down. You can use whatever. Macs PCs. You can use whatever software. BUT you have to make sure that some best practices are being followed. Of course you have to run firewall and that (we provide these). You have to follow US-CERT alerts (everyone gets those through mail). Install all patches that are required for _your_ kit. If in doubt, talk to central IT. If an employee is willing to "sign" this he/she get's almost card blanche. Otherwise you will be stuck with office and Solitaire. Guess what people go for. Grain of salt: All the people that are allowed to join this program are tech consultants.
I seriously doubt that they will get away with this. If it's 6% of the traffic on ./ then it's a measurable cost. I think one can spin that as a DDoS so just sue them. Or send at least a lovely cease & desist.
Actually, I think the guy that is minced meat by now worked here:
/Employment.woa/9/wo/nE5mHpaXmNp0hiHXhgwipg/10.2.2 2.9.2.0.122.3
https://jobs.apple.com/cgi-bin/WebObjects
(Search for job ID 1978437 on jobs.apple.com)