The heightened defensive awareness—or, for the cynical among us, security product push—of the past ten years has endowed IT with progressively more authority to lock down systems. Federal and state regulations add legitimacy to initiatives like NAC, and have likely pushed obvious security features like least privilege into Vista's feature set, in contrast to Windows XP, which defaulted to local users running as admins. Yet vanguard business technology users are hostile to the notion of IT making unilateral decisions about what they can and cannot run on their systems.
Now, no one questions who owns the PC. Clearly, businesses are obligated to protect the network and the data residing on it. But in a true question for our times, shouldn't it be possible to balance security and liberty, even on the desktop?
This is a subject that hit a nerve with our readers. In just a couple days, more than 1,100 of you responded to our online poll. This data along with follow up interviews with both line-of business workers and IT professionals provided interesting insights. The overriding theme? A distinction between strong controls on variability and arbitrary lockdown.
"There's a reason people hate their IT departments," says a business manager at a midsize manufacturer. "Making IT more approachable is a win-win for all concerned. Users wouldn't feel the need to do things on their own if they felt IT was a help rather than a hindrance."