IT Professionals
Lockergnome
Home
Author Avatar

The Importance Of End-User Policies And Procedures Part III

by Diana Huggins on May 5, 2008 at 10:00 am · Comments
Categorized by Tips / More Information

One way to eliminate confrontations with users is for companies to establish policies that specifically outline what users can and cannot put on their machines. Put those policies through the normal corporate approval process, publish the approved policies on the intranet, and make sure all managers in the organization inform their staff about the policies.

Policy statements do not have to be long-winded. Here are some examples of policy statements that establish what users can and can not do:

  • The help desk department shall provide technical support and services only for those applications and devices that have been approved by the information technology department.
  • No software or hardware of any kind shall be installed on any company desktop, laptop, or server computer without prior approval by the information technology department.
  • No unauthorized access or attempted access to the company network via wireless connection of any kind is permitted. Wireless data connectivity is limited to evaluations or projects sponsored by the data network services team.
  • Wireless access must be secured based on supporting standards.
  • Remote access to the company network is granted only for legitimate business needs, and that access must conform to data security, audit, and regulatory requirements set forth in related policies and supporting standards.

What these statements tell users is that “nothing gets installed on company computers without approval and no one gets remote access without approval.” To give such policies administrative teeth, you may want to define specific consequences or penalties for anyone who violates them. At the least, you should authorize the tech support staff to uninstall any unauthorized software or hardware whenever it is encountered.

Once policies are in place and have been communicated to users, the help desk has an out that lets it refuse to provide support or help to an end user who does something against official company policy.

Tags: , ,

What are your thoughts?

RSS feed for comments on this post · TrackBack URI

All Comments and Trackbacks are moderated (unless you're a registered user). Regardless, this page will refresh when your submission is entered.

*
To prove you're a person (not a spam script), type the security word shown in the picture.
Anti-Spam Image