Should IT Shops Let Users Manage Their Own PCs?

An anonymous reader writes "Is letting users manage their own PCs an IT time-saver or time bomb waiting to happen? 'In this Web 2.0 self-service approach, IT knights employees with the responsibility for their own PC's life cycle. That's right: Workers select, configure, manage, and ultimately support their own systems, choosing the hardware and software they need to best perform their jobs.'" Do any of you do something similar to this in your workplace? Anyone think this is a spectacularly bad idea?

Fuck no

[Nimey]

Some of my users would and can do a fine job of that, but they're outnumbered by the ones who aren't trained and/or bright enough to be trusted administering their own box. Click on shiny! free tool to clean spyware that it just detected when you visited this website, oh yes. Install all kinds of crap and wonder why the computer's crawling & BSODing. Get us audited by the BSA, etc.

Maybe for the better sort of user, but gods no for the unwashed masses.

Run it for an imperfect world

[Gription]

We have 7 techs supporting 2000+ computers in 800+ offices. We give guidance but we don't tell them they have to run them any any specific manner. The biggest advice is, "Boring is good".

License compliance is one detail were you can't offer any wiggle room. There are a number of good auditing software (including some free ones!) that will report on the installed software. That will keep you out of legal trouble.

well...

[Dzimas]

It depends on the organization. I used to work in a 20 or so person division of a software company in which the technical staff were allowed to configure and maintain their machines, within certain constraints. The funny thing is that the primary development team ended up with the same software on their machines, the consulting engineers ended up with their own tool suite, and the marketing guys just relied on the support staff to keep them running. There were a few differences as far as text editor and debugging tool preferences, but generally you could sit down at any machine and expect it to have everything you needed - a virgin install contained our core tools and network stuff anyway. That said, it was *really* nice to be able to install a necessary program or utility without having to go through layers of bureaucracy.

However, I've also done stints at telcos and other massive organizations where things were incredibly locked down out of necessity/paranoia. I never had too much difficulty getting tools/permissions that I needed, but that was probably because of my role within the IT group. Had I been a marketing guy trying to install some sort of whacky video software, things might not have gone so smoothly.

You're out of your mind

[Calyth]

I worked as help desk at a bioinformatics research facility, with roughly 200 people, and I can fit the number of power users that I could remotely trust to run their own machine in one hand. And 3 of them have gone over our heads - one wiped his own RHEL Linux (not that I'm a fan, but it's managed) with his own Ubuntu install, causing us grief when we change settings. He also cause a Kent State Computing Science PhD (who's more like a n00b who can't type his password right) to demand the "same" setup, burning up weeks of time for 2 out of 4 IT staff, myself included. The other 2 would routinely try to install pirated software on work computers.

And we do try to install software in time for our users. We would try to allocate the right software in time, and if there's no reasonable way to do it (i.e. the user can't get the funding), we try to offer alternatives. In the past, yes, the IT department had been sluggish, but the majority of them have left, and we do try to provide good service.

Apparently, in a bioinformatics research facility, most of the staff who do research don't know jack about computers, or how to maintain them. If the users are allowed to manage their own machine, I would spend so much time fixing machines, I would want to jump off the building.

Thank god I left that place. It was bad enough with the existing setup. To think that most users can maintain their machines is pure folly.

Depends on the company

[Quattro Vezina]

It entirely depends on the company. Small companies, Linux shops, and engineering-focused companies work better with people maintaining their own machines.

I work at a Linux-based network security startup. Engineers maintain our own Linux boxen, IT maintains the Windows boxes given to non-engineers. Most employees, engineers included, have Windows laptops assigned to them as well; those laptops are maintained by IT. Of course, we're a small company...IT consists of one person in our US office and one person in our India office.

Not much piracy concerns with Linux; we don't run any commercial distros on our desktops (we run a hodgepodge of Debian, Ubuntu, and Fedora), and none of us have any use for Linux commercial software.

Yes, we do this

[theolein]

I've been at a number of companies with totally opposite ways fo doing things. Currently, where I now work, we let users do mostly as they please. Surprisingly, the amount of support time isn't must greater than when one has to control the IT worker's every move. The greates part of support is still helping users with various software issues. Generally, it works quite well.

Re:I worked as a site tech in one place...

[DaedalusHKX]

Gee thanks. Here's the rest of that story:

Yes indeed, I had cultivated a few contacts at ITS dept, who later told me that the department heads and my local administrati had lined up a way to have me "removed" for not being "cooperative" with the principal and a few teachers and office staff.

While I couldn't stop the administrative staff from using my workstation or any computer (they outranked me) to pirate software, I did resist mightily... legal and bureaucratic repercussions were explained to them... (and we're talking games, and home software, not school related stuff or "just" photoshop... we're talking about a LOT of games).

I went up to ITS, and discovered that pretty much everyone was doing it, which is fine and dandy, but keep in mind that the software being pirated and the possible fines would be paid out of the tax money of the local residents (myself included.) That is actually one of the only reasons I didn't report them. The BSA would've sued the city or the school district, not the individuals.

Either way, they were on their way to getting me fired for not playing ball. I don't mind software pirates, but it is rather upsetting when they're doing it on someone else's dime, with someone else's hardware on someone else's CD's, namely bought with tax money, yours and mine.

So rather than be fired later for not playing ball, or turning them in only to get my other business and my property taxed even higher the next year, I quit early on and saved myself the headaches. I made more money from my own businesses anyways. It wasn't as steady as a "steady job", but at least contract work was far more honorable than the farce that passed for kindergarten and elementary schooling.

All in all, I remembered once more why I really didn't like being a participant in "public schooling"... as a student OR as an admistratus.

Re:They are valid ONLY for centralized operations.

[Xoltri]

No.They are not "valid answers" in a decentralized operation because there is no way you can backup the user's machines. Saying that "backups exist" does not address the question of HOW the backups are made when the user can put any file anywhere on their system.

You are wrong on this point since I manage a decentralized company with several remote sites and I have set up a solution to back up the documents on their computers. It uses memeo autobackup on the local machine which sends the files to a DLink DNS-323 NAS device. Then ftpsync (http://www.fileware.com/products.htm)synchs the files to our file server at our main office which is backed up onto tape daily. So it can be done. Memeo is a great program. It would even back up to a USB drive if you configure it that way, and all the user would have to do is plug in their drive and it does it automatically.