Tech Support HELL

true. but a simple office doesn't need that freedom.

From:

emsporter.livejournal.com

We recently (last year) absorbed a sister company in Australia into our NZ operations. Their users all have local admin rights, and no Internet filtering at all. The sheer volume of calls we get from those users about:
* malware (from the usual run of trojans etc through to the tits using Limewire on corporate PC's)
* unsupported software (I downloaded this cool thing! How do I use it?), unlicensed software, conflicting software, etc
* printing issues, because users have the rights to change the default printer settings on print servers (augh)

We're a relatively tolerant department. In the NZ operation, Firefox and IE are both supported (although the image defaults to IE6, as some of our legacy apps won't run with 7), if you've a work-related reason to use social networking tools, Google docs, whatever, you'll have access to it... we do try and accommodate reasonable requests. And the days we get frustrated because apparently reasonable requests are denied by bureaucracy, we look at the problems over the ditch and stop bitching.

(Note: There's lots of internal politics that I'm ignoring for the purposes of this post, and probably some context.)

From:

jokergirl.livejournal.com

Yeah, but a lot of companies go with the "one policy fits all" method sadly.

;)

From:

luckily in the past few years I work for companies that don't :) and the current one is Linux only, so even better :)

From:

ravenofdreams.livejournal.com

Apropos of nothing except the excellence of it, what is your icon?

WRT the article - having worked as corp IT in environments that ran the full gamut from extreme lockdown to extreme freedom - with the end users that most of us usually see, some form of lockdown is necessary. The great majority of users are dumb. I'm sorry for putting as bluntly as that, but we all know it to be true. They may be genius accountants or the world's best designers or whatever, but put a computer in front of them and they start saying things like 'hurr hurr, I'm computer illiterate.'
And no matter how they scream, I am never, never giving full admin rights and unrestricted web access to the same kind of people that say that with a smile like it's okay. (The ones that prove otherwise can apply for exceptions. I'm lenient, and I love to have someone convince me they're not an idiot. But my stock assumption these days? Users are dumb.)

Edited Date: 2009-08-29 12:41 pm (UTC)

From:

siliconshaman.livejournal.com

Which said IT geniuses then quietly subvert, if they're any good.

Actually, one could argue that the challenge of circumventing stupid corporate policy is probably better for inventiveness.

Hmm...now there's an idea for a motivational exercise...

From:

Funny...as a developer I tend to consider the "IT guys" the idiots who're just in the way of me doing my job. But I recognize that that's different from the general situation. Most users should have locked down computers.

From:

Yeah, that's the problem. I think there should maybe be different user levels, and that users can qualify for more freedom through internet savviness exams.

From:

manuka.livejournal.com

Too bad slate's commenting system completely blows and makes you click on every single comment to read them.

From:

I've worked in places which did have different user levels, but they were mainly based on the particular positions held rather than the individual. Other levels could be applied for and were assessed on a case-by-case basis.

As IT Support had had a hand in the policy construction, there were levels which included complete administrative control of one or more business PCs - but with the proviso that they were on a separate subnet to the main office WAN and LANs, and that IT Support's scope of support extended only to hardware repairs and reghosting the hard disk back to a standard build. Network support teams and policies monitored all the connections and if they saw anything resembling malware packets or network storms coming from a PC, that port got shut off HARD.

In other words, if you wanted (and could get) complete control, you also got near-complete responsibility. This helped, as it meant that applicants were generally confined to the dev teams, and a lot of people who might have otherwise requested it balked when told they would not be able to call the helpdesk for anything short of actual failure.

Of course, this was a multi-dozen-thousand-user shop, so more complex policies of this nature were par for the course. Smaller networks might find a single admin policy easier to work with.

From:

seaofdestiny.livejournal.com

Word.

One slightly redeeming feature: the comments appear to be 'threads' (in the sense of comment + replies to that comment), so you don't have to click on every little comment, but 'only' on the 'top-level' comments.

It's still bloody annoying, though.

From:

owl

The only way anything approaching that could work is if all your users are software developers, because 1) No two of them are going to need the same set of applications 2) they won't need their hands held to use whatever it is 3) a shop full of bored/frustrated devs are almost as dangerous to security as the unfettered intarwebs.
Everyone else, stick a reasonable range of applications on the standard image (including, please, a browser that's not IE6), and lock the machines down.

From:

owl

Something LJ does so sensibly is comment threading. Most other places are so faily in comparison.

From:

seaofdestiny.livejournal.com

True that. I love LiveJournal's threaded comments.

Comment notification e-mails are also great; you don't need to keep checking back every few hours to see whether anyone has replied to you.

From:

notthebuddha.livejournal.com

Is there a way to get notified of replies to comments elsewhere in a thread, like the original poster would be?

From:

notthebuddha.livejournal.com

I think a sufficiently robust VM setup with roaming profiles could work - and the support hours saved might be enough to buy fast enough hardware to reduce the per-session setup time to cold-boot length or less.

From:

From a support perspective, I'm completely behind the dev team having access to fully unlocked PCs, as long as they don't expect software support for nonstandard builds, settings, or software.

Of course, I'm VERY much behind the dev team also having access to PCs with the weakest hardware and most restrictive policies available in the corporate setup, to make sure that any new releases can be tweaked to run without crippling the standard build...

Edited Date: 2009-08-30 06:27 am (UTC)

From:

red-scully.livejournal.com

OMG, I saw this yesterday and lost my shit with rage. Who is this dude anyway? Thank you for posting the abuse, it's really calmed me down...

From:

Well, you're one of the good guys =D Not enough of you where I work.

From:

silveryrose.livejournal.com

Paid accounts can watch individual threads (or sub threads for that matter). Basic and Plus accounts have to place the watch on the post itself and get notified of every reply.

Sadly that happens to be the only feature of my paid account that miss.

From:

all the software companies I've worked for had the developers roam free in their own subnet, just like the QE teams. Accounting, secretaries, designers and non-IT engineers had everything locked down, usually working inside a restricted VM

From:

Did I mention I'm in the business of remaking helpdesks? For better than free? :>

From:

Yeah, working on getting something like that implemented. But that's a bit tough in a 40,000 person company with a CTO who doesn't know what the 'T' in his title stands for.

From:

Reframe the request in terms of results, money, and time saved?

From:

That's being worked on by a number of people now. These people are slow on the uptake though.

From:

tuba-man.livejournal.com

Is fire one of your primary tools? I'd like to see you work sometime! :D

From:

seaofdestiny.livejournal.com

Happy belated birthday, then!

From:

silveryrose.livejournal.com

Thank you, I appreciate it :)

From:

Hee. Nah, I just have a suite of efficiency improving processes which are at least half composed of being able to say "Listen to your techs!" in language that managers will be able to take to the CxO and finance levels.

As a bonus point, _none_ of these methods came out of a book or management/business course, and they don't have fancy names that sound like they belong in a brochure. If I name them at all, it's things like "In this method, we stop doing REALLY STUPID STUFF." They're not part of an ISO number or ITIL or some generic MBA thing. They don't have flowcharts and twelve-step programs and tickboxes. They're analyses and genuine fixes I've put together over more than a decade of actually improving help desks in the real world.

As a result, I can mix up three really nice ingredients:

1) I can usually save the employer a couple million bucks by finding and killing stupid moneywasting activities;

2) I can make the helpdesk environment a LOT more pleasant because 90% of those same activities are things that have been giving the techs the shits for years. Not to mention that I can easily justify things like better furniture and more up-to-date equipment for the desk; and

3) In a lot of cases, I can do both of the above in a couple of days rather than dragging it out over months like a lot of consulting groups.

My default contract says I get paid by results instead of an hourly rate, so there's no advantage to me in doing mindless things like employee meetings and satisfaction surveys and generally bugging the living hell out of the techs. Just give me the raw ticket/phonelog data, and maybe a Friday afternoon shouldershurfing and shooting the shit with a couple of frontliners, and I'll have enough to fire up the paperwork launchers come Monday.

Having worked the phones myself for too many years, I'm also not too bad at making sure none of the stuff I fire up the corporate ladder is going to come back down as anything other than positives. You'd be amazed how many financially sound arguments can be made for jacking tech salaries up by 50% and installing really comfy chairs and dual-flatscreen rigs. Maybe some webcams in the server rooms, a live OOB team server for preliminary rollout testing, some nice policy arrangements with the dev teams...

Edited Date: 2009-08-31 04:51 am (UTC)

From:

well, its all part of the job :)

From:

jdotmi.livejournal.com

One of our developers has a bad habit of getting any machine he works on horribly infected with malware and viruses. He's had to have his machine wiped and reloaded around 2 times a month for the past 6 months. But because he's a "dev" and he's working on a "major project" we can't nerf his access to the level of a dummy terminal even though it would probably be in everyone's best interest.

At this point, we'd be happy just making a ghost image with all of the crap that he's supposed to have installed beyond our normal base build just so that it doesn't take up the majority of one of our days to install all the crap he is actually licensed to use. Especially a few weeks back where he killed his machine on Monday, and then killed the replacement on Wednesday.

From:

Not all developers are smart. I know this well.

That's why I'm in favor of multiple examination levels to determine access level, rather than simply on an as-needed basis.

That partly depends on how bad the need is too though.

From:

russianswinga.livejournal.com

I *heart* you.

From:

gholam.livejournal.com

One could put it this way: when I need to deploy a patch for IE on 500 computers, I right click it in WSUS and select "approve for installation". When I need to deploy a patch for Firefox on 500 computers, I'll send this guy to do it manually.

From:

Heh. Mention me to CxOs, tell your friends! What the hell, it's been a while since I visited .ca.us, and there's gotta be some businesses/techs there looking for cost reductions and/or better workplace environments.

Edited Date: 2009-09-01 11:05 pm (UTC)

From:

arabwel.livejournal.com

hen I grow up I wanna be just like you! :D

From:

Aw. :)

To tell you the truth, I had absolutely no idea at any point during my previous career(s) or before that I'd end up doing this. When you ask kids what they want to be, they say "Doctor", "Firefighter", and "Superhero", not "Public Servant". Guidance counsellors don't generally have "Tech support" on their lists, unless "Computer operator" counts. And it's a rare tertiary student who is aiming to become a consultant.

I think I just fell into it when I realised one day "Hey, I've been doing this a heck of a lot longer than most people, and I seem to have saved a lot of employers literally millions of dollars along the way by identifying and sorting out workflow/scheduling problems no-one else seemed to be able to. I wonder if someone might, y'know, PAY me for it?"

Some Googling uncovered the phrase "business management consultant", and after exclaiming "People DO get paid for this! [1]", the next step in my career pretty much wrote itself.

[1] (Also, the phrase "They get paid HOW MUCH?!" may or may not have been uttered several times. We probably all know that tech support isn't generally considered the world's most lucrative job.)

Edited Date: 2009-09-02 05:27 am (UTC)

From:

arabwel.livejournal.com

*grin*

I'm a carer monkey myself... (then again, i am all sorts of young anfd innocent still! :P) but I kind of know hat you mean. IU have a riend ho is retty high in his companyäs IT.. that still runs as if they had 12 employees, nort 1200 scattered all over europe. I keep looking at the mess and going "... this could work SO MUCH BETTER" *facepalom*Ä

From: