These days I spend more and more time getting around goofy computer policies at work. I can understand making me run with limited privileges, that's just about a given. Things like taking away my "Run..." command under XP's Start Menu, though, well those are just stupid.
One of the most common IT rules is in blocking access to certain websites, usually the ones that don't have an obvious "for work" usage, eat up a lot of bandwidth, or have iffy content.
If you run into this problem and have a Windows machine with an available USB port, go get the XeroBank Browser (formerly TorPark) and put it on a USB drive. The xB browser uses Tor to anonymize requests for pages, so that your corporate firewall doesn't know what sites you're actually after.
It's slower than a regular browser, and you're still not protected if your boss has software installed to see your computer screen (e.g. VNC) so I wouldn't use it to check for a new job at work or anything. But if you need the occasional jaunt into YouTube, it might be worth a look.
2 comments:
Taking away the run command from someone like you who can actually use it correctly is dumb, I know. However, you have 80 coworkers who don't know near what you do when it comes to computers. I'd have to say there are at least 4 who spend their day trying to get around policies just to say they could do it. Then there is 1 who's sole purpose in life is to try and break shit all day. Beyond that I would say that 50-60% of the rest of your coworkers are willing to follow any how-to they find on the internet that starts with "Click Start>Run> and type regedit..."
"But all you have to do is follow your start menu to the command prompt to do the same thing." Sure, but those 50-60% don't know that. Security by obfuscation actually works sometimes.
Possible solutions?
1. Create groups who have more advanced features and let them do what they want.
Why Not?: Because I am only one person and don't care to interview each person to see what they really know. There are also network issues (eDirectory Design) that I inherited and have not changed because people at work HATE change. I hope to do something about that soon.
2. Give everyone Admin rights so they can work without limitation.
Why Not?: If I had a staff of 3-4 that could constantly fix the problems that would be caused by that ... no problem. Instead, I am slowly doing that anyway and in turn locking down Internet usage and AV services to help protect us.
3. Get organized and write complex policies and rules that would allow for this kind of usage for certain users.
Why Not?: Time.
- JW
Hey Mr. J,
First, thanks for turning the Run command back on, very much appreciated. :)
Second, I can definitely see your side of things. Of the three solutions you offer I think #1's the only viable one-but the problem there is that everybody thinks they deserve advanced privileges, me included. So that would leave you in the position of deciding who was worthy...and dealing with the inevitable shitstorm of protest if somebody were rejected. Or, you'd have to leave it up to individual managers...who would just approve anyone that asked.
I have heard of some outfits that give advanced users full admin rights on their desktop, but in our crew I think you'd be back to being The Decider again.
So the only solution I can come up with is to have Official IT Policies, but to have IT look the other way from time to time. :)
Post a Comment