As an MSP, you’ll come across two main types of clients. You’ll have those who want to lock their IT systems down to the furthest possible degree, and those who prefer to trust their staff to use company computers however they wish. You’ll probably also encounter plenty of customers whose stance lies somewhere in between.
There is no “correct” answer to the question of how much control users should be given or trusted with. Companies in certain industry sectors may be constrained by laws or compliance guidelines and have certain “lock down” decisions forced on them. Broadly, though, just how much should users be allowed to do on company computers?
The best way to tackle this issue is to spend time with the powers that be at each customer site. Take them through a list of the system areas that are often restricted, and help them to make some decisions. It will be down to you to configure systems to enforce the chosen restrictions – so selling system management software or services may be a pleasant side-effect!
Here are some things to think about:
Should users be free to browse the Internet exactly as they wish, or do bosses wish for certain sites to be blocked?
More and more business is conducted online nowadays and social networking often forms an integral part of a company’s marketing strategy. As a result, decisions on restricting browsing are more difficult than they were in the past.
While restricting the Web may stop employees wasting time, it may also stand in the way of them doing their jobs. This requires careful consideration, and is sometimes better handled through policies and effective management than by software controls.
Should staff be free to change their desktop backgrounds, mouse cursors and desktop layouts? It may seem draconian to stop them doing so, but are bosses happy that office guests may encounter photos of Kylie Minogue or Justin Timberlake plastered across user’s monitors?
Much of this will depend on a company’s image. Creative companies will probably have very different views to accountancy firms or law offices.
Should staff be encouraged to run their own Disk Cleanup procedures or defragmentations? Usually, this would be down to the IT department, but there is a school of thought that says users should be encouraged to take responsibility for their own computers.
Having a discussion with clients that covers these issues should help you to form a general idea of the lock-down approach for each business.
Meanwhile, there are some things that you should be doing as a matter of course. For example, staff remoting into thin clients should not be in a position where they can accidentally shut down the server, or make changes that can affect other users. Some system lock down matters are not down to individual preference – they’re down to simple common sense.