Posted on 07/31/2007 7:47:38 AM PDT by redfish53
Ten Things Your IT Department Won't Tell You By VAUHINI VARA July 30, 2007; Page R1
Admit it: For many of us, our work computer is a home away from home.
It seems only fair, since our home computer is typically an office away from the office. So in between typing up reports and poring over spreadsheets, we use our office PCs to keep up with our lives. We do birthday shopping, check out funny clips on YouTube and catch up with friends by email or instant message.
And often it's just easier to accomplish certain tasks using consumer technology than using the sometimes clunky office technology our company gives us -- compare Gmail with a corporate email account.
Security expert Mark Lobel of PricewaterhouseCoopers describes the most common things employees do on the internet to jeopardize company security. There's only one problem with what we're doing: Our employers sometimes don't like it. Partly, they want us to work while we're at work. And partly, they're afraid that what we're doing compromises the company's computer network -- putting the company at risk in a host of ways. So they've asked their information-technology departments to block us from bringing our home to work.
End of story? Not so fast. To find out whether it's possible to get around the IT departments, we asked Web experts for some advice. Specifically, we asked them to find the top 10 secrets our IT departments don't want us to know. How to surf to blocked sites without leaving any traces, for instance, or carry on instant-message chats without having to download software....
(Excerpt) Read more at online.wsj.com ...
There are even more challenging environments than industry in this regard. I went from industry to an academic environment and now in addition to the careless or thoughtless but benign worker who just wants to jigger the system so he can download nekkid pix I also have an actively malign element who (1) demands that the network work flawlessly for his or her own little term papers and (2) also regards it as a playground and an opportunity to Stick It To The Man by betraying what he or she doesn't even recognize as a trust relationship.
Most of it is human attitude, really. If you have a login name and a password you are in every real sense an insider with the ability to soil whatever nest you're being allowed into. If it stinks afterward, whose fault is that?
Oh, and as long as I'm ranting - the next idiot who breaks the system and smirks that he's found a hole gets his nose cartilidge tested by my trusty clue-by-four. Go stick nails into the tires of the football team and then complain that security shouldn't have allowed you to do that. See what it gets you. < /rant >
“Yes and the network guys probably exclude their machines from the block(s).”
Most IT guys worth their paycheck don’t.
From time to time I get an Email from a freind saying check out this Youtube video.. I click on the link and up pops “The website you are trying to access has been blocked. If you have a business need to access please contact...”
Then I go “Doooohhhh” and slap my forhead forgetting that I blocked that website.
For the most part the rules are there for a reason. For us its HIPAA and Sarbanes Oxley. If I violate the rules then the rules are useless and my efforts have been for nothing. Also we are violating the law.
We have college students who don’t know a monitor from a modem but they can yank down their AV and firewall software like pros.
We had a kid get majorly infected. He went to a Russian porn site from an email and got the infection. We asked him why he took down the AV and firewall and he told us the site recommended it. Geez!
“I do the same thing to my Citrix server, at home.”
You know you are a geek when you can say that!!!
(Hysterical laughter being stifled here.) Yeh. I think I have his brother out here.
Now, imagine 10,000 more just like him in your zone.
“Not all system administrators are misanthropic sadists, only the ones who have been doing it more than six months.”
Can I PLEASE use that line? Can I use it as a tagline if I give attribution?
.....that needs to end.....
.....by one means or another.....
“If youre shopping for a house, youll get lots of mortgage mail. if youre going to gaming sites, youll get lots of pharma / porn spams. Youll get those pesky little PDF attachment emails from going to more nefarious sites.”
I get all the above @ work and have been very protective of my email addy. (and aren’t you support folks supposed to be blocking those gaming and nefarious sites anyway?)
Since you “know” and you “can see”, you wanna explain that one to me?
Could it be because the Support folks here had a system compromised, which grabbed all the internal addresses including those of people like myself who strive to keep their accounts spam free?
“its a matter of understanding how it all works.”
yea, I know how it works. Those with an inflated sense of self importance because they *think* they “know” and “see” what’s going on just like to always blame the user and never admit that they made a mistake.
(for the record, I’m in IT, just not desktop support)
“We asked him why he took down the AV and firewall and he told us the site recommended it. Geez!”
HAHAHAHAHAHA
I am an IT Director and the Email below is from a person in the Payroll Outsourcing department:
THE PROBLEM
Good Morning Raymond,
I do not have the FTP file on my computer, the GL is ready to be dropped... Can you please drop it in that file for now and set me up later?
Thanks,
MY RESPONSE
Sure. I can FTP a file if you can tell me 3 things:
1. What file?
2. Where is it stored?
3. Where do we need to send it?
HER RESPONSE
I do not know the answer to any of those... LOL
I was told to just tell you about it, and you would be able to assist...
The IT is worth his paycheck only if he can serve the sales rep.
That's the kind of IT that keeps spammers in business.
The IT is worth his paycheck only if he can serve the sales rep.
That's the kind of IT that keeps spammers in business.
LOL - it’s all yours. I have a colleague who used to be a problem child until we hired him as an SA. Now he’s worse than I am. He’s taken to keeping an irrigation hammer at his desk with a sign on it reading “Ye Hammer Of Compliance.” I do think you mellow a little over time too, or at least he’d better or he’s gonna pop a blood vessel come September...
My favorite is “Why did my friend get a message that the email she tried to send me was undeliverable?”
I can't imagine handling security in an academic environment. My hat is off to you, sir.
And... You're welcome!
That’s pretty usual. I get this one all the time.
“That Word document didn’t work. It’s empty”
“When it asked ‘Do you want to run this query?’ what did you do?”
“I hit the No button”
“There you go. You got what you wanted”
Same person every time.
My all time favorite was “My PC won’t boot up. I was cleaning out the Windows directory because it had all these files that I didn’t recognize. The PC said it was out of space so I was deleting things.”. It turns out she moved all her music into the Startup directory so they would “play all day”. She ran out of RAM and started deleting things that “weren’t mine”.
Among other things, I handle backups for our company. I used to get frequent requests for restores like "I deleted a file. I don't remember the name, but it was related to (a client). Or, it might have been related to (some other unrelated client)....I don't remember. It was last week, or it might have been three months ago. I don't remember the server it was on. So, please go recover it immediately, it's critical".
Then, when I told them that I needed more info, occasionally I'd get "What part of critical don't you understand!?" then I'd hear from my boss that, per this user's supervisor's Vice President, our DR/restore process is seriously flawed and needs a complete and thorough review.
Finally, I got the powers that be to put a policy in place where I don't look at restores without a filename, location, and recovery time. Idiot cases like the one above are why IT locks down their policies so tight, IMHO.
Don't even get me started on the perils of dealing with clients that have outsourced their IT departments. I recently talked to a nice young man from India, who although being very personable, was clueless - enough so that he asked me how to spell FTP. You can't make these things up.
LOL! At my last job, I used to keep a whiffleball bat close to hand and prominently displayed at my desk...likely for some of the same reasons.
I like the hammer idea better.
IMHO those are words suitable for framing --for engraving!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.