The Importance Of End-User Policies And Procedures Part II
- 1
- Add a Comment
Help desk managers have a duty to protect company assets by reporting any unauthorized software and hardware installations. But what specifically can the help desk manager do?
That answer depends on how your information technology department is staffed. In some organizations, the same person who administers the network is also the person who oversees technical support operations. In other organizations, the help desk manager may have to get support from the network administrator to establish security policies or to physically lock down user machines.
No matter who has ultimate authority, the help desk manager is usually the first person to learn about unauthorized installations. Users inevitably make the mistake of calling for help getting Quake to run on the network or installing the nifty new USB port they bought over the weekend. Help desk analysts should inform management as soon as they find out someone is installing (or trying to install) unauthorized applications and devices.
No one likes to be told what to do. The problem with trying to tell people they cannot do something is that they push back. Everyone wants to know why they cannot just install whatever software or hardware they need on their machines. Without any policies in place, users will likely assume they can install whatever they choose, with or without help from the support team.
One Comment
mhz
May 2nd, 2008
at 2:19pm
The ability to enforce the computer operating policies swings on a pendulum. A few years ago with the Windows NT4 rollout, my large organization was able to implement restrictions on software/hardware installation, and middle management was able to enforce/explain it.
But any restrictions on end users *eventually* build up tension and frustration at that end, inevitably leading to backlash at the management levels.
Fast forward a few years, and you’ll see management decisions letting things go back the other way, removing restrictions from end users, with IT dept eating the cost of user exploration and freedom. Only large scale infection/system compromise with costly/embarrassing results can convince end users that they need to be protected from themselves. Then the pendulum begins to swing back toward user (and their management) acceptance of restrictions.
Its a tug-o-war that is endless. Regardless of the level of end user education, this pendulum will continue to swing.