I have a 5 y/o 'company' laptop that is coming up for replacement. I use it only for spreadsheets, some WP and work-related (obvs.) browsing.
Due to a Windows-induced total catastrophe with work some years ago, I resolved with some success to avoid Windows & MS like the plague, which takes some doing as the company runs only MS products on its network. Since I never connect the old laptop to the network directly (only through Citrix), I have been very happy running Linux Mint & LibreOffice on it.
Horror of horrors, the new laptop - a Toshiba Portege z30 (quite nice) has the BIOS settings protected by a supervisor password preventing herberts like me from sullying their tender insides with Linux - or indeed any other unauthorised software. The machine has Windows 7 on it and some security software that takes so long to get going I push the button and have to go and make tea, only returning some while later to see if it's ready.
I now have to ask the IT supremo for permission to adulterate the new lappie and need to make a good case otherwise I'll be stuck in Windows hell. My reasons for not wanting Windows include :
- Hating it with a passion (but he plainly doesn't so that won't count for much)
- All my spreadsheet modelling is in .ods files, but could presumably be converted to Excel files (is there a loss of function if that is done?)
What other reasons can I cite to make a cast iron case for getting rid of W7 in favour of my lovely Linux/LibreOffice/Firefox setup?
I really need to nail this in one go.
All helpful, technically sound suggestions greatly appreciated.
Any decent corporate "IT bod" will politely tell you where to go. The risks to the corporate IT environment from PCs etc not completely locked down are truly scary.
It does depend what industry you are in though, and how big your company is.
Pete (a corporate IT bod)
I'd deny your request. You have no compelling business justification that outweighs the risks.
Sent from the top of a hill using semaphore.
"Bite my shiny metal ass."
- Bender Bending Rodríguez
You're thinking of your needs. His job is to put the company's needs first. I doubt your argument will make much headway to be honest but can sympathise with your rationale. Windows is my day to day environment as well as Mac, but Microsoft's general approach and the way they keep getting it so wrong in so many ways even irks me. They get plenty right too I suppose...
See above. You needs are far outweighed by the risks to the business, its IP, it's data, etc not withstanding its liabilities under the law. (Data Protection Act, etc). Plus chances are you will also get sacked.
But knock yourself out - excellent business opportunity for cyber criminals and security experts alike.
Whoever does not know how to hit the nail on the head should be asked not to hit it at all.
Friedrich Nietzsche
hack the bios password, insert your own, do what you like.
when it comes round to be checked, deny all knowledge.
Sound(ood) advice.Originally Posted by soundood
(a) What computer?
(b) I really have no idea.
(c) Ooh look, a squirrel.
OP perhaps you you need to ask the non-corporate IT bods around here for advice that suits your case!
You don't really understand the concept of standardisation and corporate systems then do you.
It's work. Live with it. If you hate it that much then change jobs.
Another option, rather than suggest he hand over the keys to the car (metaphorically speaking) maybe a better option would be to see if he will install a hypervisor such as virtualbox or VMware player that would let you run Linux as a virtual machine. The laptop stays on windows and you get to largely stay away from it and use Linux as your primary OS. You'd probably need to still agree some housekeeping ground rules such as keeping the Linux distro updated but there you go.
WTF? If I was an IT bod, I'd take that laptop off you and never allow you anywhere near anything connected to the corporate net.
I do get the corporate IT rationale of protect and security. I don't get why it leads to slow machines, bad software, dreadful user experience et al.
Run everything you want on your own machine, email results to corporate account.
Get it upgraded to a solid state disk. TBH any machine we procure nowadays is always spec.d with one. That'll make a world of difference.
There is no reason for corporate security to be slow but it happens, have you reported it?
Running company info on a non-secure device is a sackable offence in our corporate world so I'd be careful about that too.
I am using two laptops with Windows 10 and ssd disks, they start up in seconds and are completely trouble free. No idea why your setup is so slow, have it checked by your IT department.
Regarding your wish to run your own configuration on a business machine: see above. Never going to happen if your company has any IT risk management.
Last edited by Raffe; 27th May 2016 at 06:15.
Someone who lies about the little things will lie about the big things too.
'Any decent corporate IT bod' is supposed to be making it really easy and secure for people to use any and all devices on the corporate network these days. I use my personal iPad more than my company laptop most of the time and yes it is secure and no I won't be sacked.
Ask him about your company's BYOD policy, and see if you can buy or hang on to your old PC. If he looks at you blankly then as others have said you are probably going to have to suck it up for a couple of years or find another more enlightened company to work for.
This is very much what I was going to say.
Easier said then done these days.
Sent from my iPhone using Tapatalk
It's a tricky one. In big companies I see the need for uniformity; it's difficult enough for IT to manage a network of completely homogeneous machines, without the added hassle of different operating systems and software. It is an administration issue, by the way, and nothing to do with security: if security were paramount, you would all be running Linux.
More enlightened companies, however, recognise that staff are much more productive when they can use whatever software works best for them. Some people are also quite capable of managing their own laptops and supporting themselves, and you might be able to agree a deal on this basis.
If not, you have to follow company policy, or find a company with a better policy.
Take the IT bod out for lunch, supply them with beer and wait for them to love you and say yup i'll do that for you.....
Beer works wonders with IT members!
Yes I am in IT, Yes I do like Beer.
Or just explain the situation and ask for how best to get this resolved, might be a happy medium but would depend on how the company works, plus I think you were lucky to have Linux on the other laptop for aslong as you, unless there would be some sort of loss with converting the files.
Not true at all.
Sure, centralized administration is loved by IT, because they can not only ensure that everyone gets the tools and support they need but also so they can get control and assurance around device security. Centralized administration is a by-product of the requirements security have in order to meet corporate goals and external, legal, or regulatory requirements associated with information. Uncomfortably, Windows is the lowest common denominator and therefore has the widest spread of security software - you try layering remote access, firewalls, AV, DLP, encryption onto a linux productivity system in a way that you can then report any useful compliance metrics back with or respond to security events with.
I hate windows, but I understand why I have to not only use it but also make sure everyone else is too. Unless they have a really, really, good business reason.
Last edited by stooo; 27th May 2016 at 10:50.
corp IT bod here:
if they've given you windows 7 - send it back - its not safe enough in todays world
windows 10 while may be scary new - has less security holes (for now)
and if you're using citrix for work related stuff anyway - you shouldn't mind whats running in the background...
(and yes we like beer and trips to the go karting)
Last edited by Xantiagib; 31st May 2016 at 09:01.
Well yes and no. In our case it is because they bought low spec laptops which were never going to meet anyone's idea of quick (cheaper...). Secondly, any type of non-functional testing is unheard of, so a poor quality product will be accepted into live because it passes all the functional tests, even if it takes 5 minutes to boot. Thirdly, AV scanners only seem to get slower with age (more stuff to scan, bigger AV signatures to scan against etc) so if it wasn't 'slow' to begin with you can guarantee it eventually will be.
Nail hit firmly on the head with your last bit. Users seem to like nothing more than endlessly whinging about the IT. If only they would take a small fraction of that time to call the Helpdesk they might actually discover many of their issues can be fixed or are actually caused by poor working practices...
I cannot think of any specific substantive arguments for moving to Linux. The truth is that Windows 7 is fine in itself: It sounds like it's the installed software that is the problem for you here.
(1) What is the security software? It shouldn't be running as slow as you describe on a modern laptop. Get your IT department to fix it; there is something wrong with it. There is clearly a business need to make it run faster or replace it. It is poor business to favour the administrative needs of the IT department over the time of the actual users.
(2) Can you install your own application software or have IT do it for you? If so, just install/get them to install Firefox and LibreOffice. These run great on Windows. If they won't do it (or won't let you do it) then:
(a) Suck it up,
(b) go BYOD (if they'll let you),
(c) question the application software policy on business grounds (see paragraph below), or,
(d) as suggested, seek new employment.
As for questioning the application software policy on business grounds, it seems to me that the grounds would be smooth compatibility with existing files (Excel will open .ods files but you never know when there could be an unexpected compatibility problem). I'd also mention familiarity with software but no one seems to care about this nowadays, despite the fact that lack of familiarity has significant impacts on end user productivity and new 'and improved' software does not necessarily increase productivity even after a learning period.
Last edited by markrlondon; 28th May 2016 at 07:53.
Oh come on. In many ways it is safer then W10: It does much less unnecessary and insecure phoning home.
It is surely riddled with holes by design.
that's what I did. they restrictions on restrictions, ports closed, wifi's you can't connect etc. and honestly as I was off Windows good 8 years I did not know how to do simple tasks anymore. Brought my macbook, set up in 10 minutes, despite warnings "oh, we don't believe that you could connect to mail servers or printers" and I am happiest person in the office now.
its safer in that its engineered differently in the guts - yes its full of holes but the ones in windows 7 are more well known and statistically more prone to be exploited - its only a question of time for the windows 10 holes to be exploited
its more secure to me because in that those holes haven't been discovered yet...
connect an XP machine, windows 7 and windows 10 - without Antivirus - to the interenet and sit and wait
which one will get a virus first ?
Can't you install Linux alongside Windows and run it as a dual boot machine?
Eddie
Whole chunks of my life come under the heading "it seemed like a good idea at the time".
The present setup will not allow me to install anything or make any kind of changes - otherwise that would be a good solution.
My local laptop repair man reckons he can reset the supervisor PW (for a fee) which looks like the safest bet (rather than doing it myself), so unless the PW is forthcoming, that'll be the way forward.
If we found someone doing that (1:Circumventing security controls; 2:Placing a corporate asset under the control of unauthorized individuals) the matter would be placed straight with HR and would likely not have a good outcome.
This.
Seriously, your safest bet imho is to sweet talk your IT chap into letting you run a virtual machine on top of windows. And since it will all be above board you have no worries on the compliance/HR front.
Speaking as someone from HR, if that landed in front of us I wouldn't be surprised if it ended in an immediate dismissal based on gross misconduct.
Dave E
Skating away on the thin ice of a new day
Speaking as someone who has worked in Senior Management, I would not be happy with the pair of you for bringing this to my attention, and forcing me to discipline what could be a very good member of staff for installing Linux on a shitty work computer.
you would be on ze list for cull at the next re-structure
But who knows as an individual user what stance they will take? The bottomline is that taking a machine to the local bodger so he can reset the passwords so you can bypass group policy is a pretty dumb thing to do.
We'd also go after the manager if they thought this behavior was OK. You do not get discretion over policy decided and signed off from the top floor, no matter how senior you think you are.
Security is not the optional thing it was even 10 years ago.
My predecessor at my current job was fired because of an IT security issue
Please think carefully before you do that, In my industry that would be gross misconduct, and would result in either a final written warning or dismissal.
Soundood- Not sure why, as a former senior manager, you wouldn't want someone compromising IT security brought to your attention. I am one currently and would definitely want to know and take action.
seriously Stooo? in 20 years in Management I have never seen an HR/personnel with the balls to send a letter, never mind go after anyone. as always it is up to the management to compile everything to 'eject' an employee, always to be let down by HR, at the last hurdle.
as for going after senior team members, you wouldnt stand a chance, not unless you had it on video with a signed confession, please explain how you would 'go after' a senior manager after finding a hooky version of Linux on a laptop? on the guys say so?
and by the way, you lot are talking, its as if he works for MI6 or something, let us pray that those quarterly figures dont fall into the hands of Ahmed at the local corner shop, were doomed!!!
I'm guessing from the above your 20 years in management is in corner shops not large corporations.
Yes that's correct, and thank you for your input and insight in this thread, you truly are a credit to the larger 'corporation' you belong too.
HR will be along in a moment, to congtaulate you for your service, and award you with your 25 year chocolate watch.
You could always show them your tattoos to prove that you are proper management material!Yes that's correct, and thank you for your input and insight in this thread, you truly are a credit to the larger 'corporation' you belong too.
HR will be along in a moment, to congtaulate you for your service, and award you with your 25 year chocolate watch.
FWIW, to dick about with a company owned computer was a dismissible offence at my last firm.
I'm fortunate in being able to run whatever flavour of Linux I like on the PCs I use for work, but Windows simply wouldn't be suitable in my job (nor would it, in a general sense, be good enough quite honestly).
You do need to observe your company's data security policy to the letter, in my view. I have seen people admonished for disabling the security software on their company smartphone. You would probably find minor formatting inconsistencies between Excel and whatever Open Source product you used in its place under Linux. Certainly that's the case with Word.
Seriously.
The last major security event at our organisation was instigated by someone who circumvented removable media (CD/USB) controls and introduced a worm onto our internal network. It took 10 days and the combined efforts of the whole IT department working with Sophos to clean up and cost the firm thousands in extra time and Sophos support costs.
Your work laptop belongs to your work, not to you. Any company which is serious about IT security would at the least hold a disciplinary on you for circumventing security on it. As an IT manager I would certainly insist on it.
There seems to be a misperception about "Bring Your Own Device". It doesn't mean you can take your home laptop and plug it into a corporate network with no controls. It takes a lot of work to provide safe and secure access to data from devices which aren't controlled by membership of corporate domain.
Last edited by Scepticalist; 1st June 2016 at 09:58.
I really am grateful for all the contributions here - it has been an education.
As our business has grown, the nature of our IT needs has shifted, but with careful management we have ensured that the IT serves the business and not the other way around. Ive only lately come to appreciate, however, what a tricky task this has been.
We are a multi-disciplinary services business in which our income is derived from the success of fee-earning staff comprising more than half the headcount with others in support roles. Each specialism has very different IT needs, but the general approach has been that those doing the work have the best insight into what kit they require and how best to use it. The only 'global' systems are accounting and CRM, everything else is fairly ad hoc - data security is focused on clients' data: not any valuable IP.
Luckily Im not working in a corporate North Korea - "disciplinaries" are rare on any account, and usually amount to "an internal meeting without coffee" - following which folk who have perhaps engaged in egregious acts of thoughtlessness have occasionally decided to develop their careers elsewhere.
The situation that prompted my OP was for the first time being given something without the facility to change it to what I liked. I gather this reflects a shift in policy to 'safety first' - as many colleagues have no need or inclination to ask for anything different. Our IT guys have responded fairly positively to my requests, subject to detail, so we'll see how that develops.
I think it's obvious that the organisation you worked for had a very different approach to risk, governance and apparently hiring to the approach taken by the organisations of many of the contributors here.
Hopefully they also never handled any regulated data or any of my data or information.
Posting Permissions
Reply With Quote
