Mission to Nowhere

I am not a happy camper right now so take what I have to say
with a grain of salt. [insert disclaimer here]

That said, for those who are tasked with managing a large,
multi-location network, using any tool that will help you do your
job is highly prized. Unfortunately, within this context, it is
common to confuse what the goal is. That is, the overall goal
should be to assist the organization in meeting its mission. For
some, this is manufacturing and for others a service. For us, it
is the administration of justice.

However, the confusion comes in where some Information
Technology (hereinafter IT) managers begin to think of the
network as their own and that employees are invaders that, at
best, must be tolerated and, at worst, must be
tracked/blocked/spied upon.

Recently, under the guise of implementing a large
network-based application, our IT division began surreptitiously
installing a very costly program called LANDesk. (Link removed at the request of LANDesk Outreach and Digital Content Executive Matthew Kong on December 11, 2015. My removal of the link is in no way an admittance of any violation as by reading this blog, LANDesk agreed to my disclaimer. Feel free to Google LANDesk).   I say
surreptitiously because other than notifying a committee that
does not regularly report to employees, IT refuses to let anyone
know about the installation. They refuse to put up a notice on
the internal intraweb site (which is what the site is for). They
refuse to send a memo to all division explaining what the
software is for and why it is being forced down on all desktops,
via the network, without their prior knowledge or consent. In
other words, they seem to be very closed and are essentially
telling everyone else to “bug off” because IT knows
what they are doing and no one else does nor needs to know. Of
course, I don’t know what IT knows but I note, yet again, IT
has apparently hired a consultant to do the installation and
configuration for them. Perhaps I’m wrong, but this would
tend to indicate IT doesn’t have the in-house expertise to
install and configure such an application. But I digress.

LANDesk has several modules intended for different situations.
But for users, the modules that affect us are: one that secretly
“inventories” the users PC, one that surreptitiously
allows IT to watch whatever is on your screen (in real time), and
the one that can take over control of the PC itself. I would not
be surprised if IT already reads all the emails coming and going
within our system. But, I guess, that may not be enough in the
war against employees. IT now seems to want dominion over all
desktops attached to the network.

There are many unfortunate problems with this situation. The
most important, right now, is that LANDesk does not seem to be
compatible with some types of security software such as
anti-virus and anti-spyware utilities. And by incompatible,
speaking just for myself, I mean LANDesk will corrupt data to a
point in which the user must reformat the drive. Within one week,
I got between five and 10 blue screens of death and various other
Windows errors that locked up my PC. Any of these episodes may
have been the one(s) that finally caused by PC to become
inoperable, but I can’t say which one in particular did the
deed. Although it is possible the installing of LANDesk was
coincidental to my problems, common sense tells me otherwise.

In any case, I had to reformat my drive and re-install my
applications. Needless to say, I am less than a happy camper
because this occurred during the time I was working on the
internal project I’ve mentioned before. This project started
nine month ago and culminated in a 75 page report (30 pages of
which are data tables) that I recently finished. Fortunately, I
kept multiple copies of the report in different locations so when
my PC went down, I still had access to the draft.

Did I mention I am not a happy camper?

Lastly, central control of all PCs on the network opens a door
for a worm or virus to be spread, all at once, to every PC.
Stunningly, IT seems to be blind to this possibility and
has no procedures or policies
, written or otherwise, for
the physical security of the workstation that controls LANDesk
nor any procedures or polices to cover the eventuality of an
employee accidently, or on purpose, either spreading a virus/worm
or the taking of confidential information from employee’s
PCs. This, even though it is common knowledge that the most
common vector for spam has been internal IT employees stealing
the information and selling it to spammers.

To me, the purpose of the network is to help employees do
their job of meeting the mission of this department. However, it
seems IT has decided users are a virus that must be stamped out,
or at least controlled. This is, apparently, regardless of the
consequences and without transparency or accountability.

More tomorrow when I will talk about the changes to MT 3.2
(and why this site is looking so strange).



2 responses to “Mission to Nowhere

  1. You and me both! And I’m in IT – but they’ve “outsourced” computer support and network management in our *large government organization* to a new organization created by pulling most of the “support” staff out into the new org. There’s, again, no accountability back to us, no concern for what we need to be able to do our jobs, and a fondness for “one-size-fits-all” solutions that don’t really fit anyone. Machines that aren’t created in their image don’t have full network connectivity (not just they aren’t allowed to join the domain; I can see that – they’re blocked from such sites as Microsoft [Windows Update, anyone?], Byte, Government Computer News, Security Focus, . . . .). I need administrative rights to at least my machine to carry out security scans on unmigrated (because they don’t want to take them on) servers, but I can’t have it becuse that doesn’t fit in with their world-view. So I need to run the scans from a machine that’s not part of their domain, but that can’t get updates because it’s been physically moved to their network. Oh, and did I mention that they still haven’t deployed XP SP2? They’ve been testing it and are about to do so, but . . . Before they took over our systems, we were running SP2.

  2. Seems your IT folks have won this round.

    Many in IT see it as an us-against-them struggle – protect the hardware/software from user abuses! The real problem is that while some of these kids in IT might be real geniuses, they lack the human touch and perspective you get from working the other side of the line.

    Some day someone will see all of this cost-cutting for what it really is – stupid – and buy a clue. We can only hope it’s soon.