What's the most ridiculous IT policy you've come across

moycullen14

Having shocked people with my 'no linux' story in the dev tools thread, I though a thread dealing with insane IT policies might be fun.

So, what crazies have you seen?

A place I was at in the UK a few years ago had a 'no open source' policy. No amount of explaining that this was insane would do. Some corporate muppet had decided that it was OS was bad and that was the end of that. It was a lot of fun re-implementing apache commons though :-)

endacl

Can't access YouTube in the classroom. On teacher's id/login.

fl4pj4ck

To be honest OP, nothing in your stories seems unreasonable from IT point of view.

PrzemoF

fl4pj4ck wrote: »

To be honest OP, nothing in your stories seems unreasonable from IT point of view.

Banning the whole open source software is like banning software that has "Z" somewhere in the name.

Creamy Goodness

A couple from when I was contracting:

To install some software (was the xcode command line tools - that you need to run certain build commands) needed for their job a software developer had to 'send a ticket', due to it not being labelled as 'critical' the guy was there waiting for two ****ing days.

No open source policy came up a bit too.

fl4pj4ck

PrzemoF wrote: »

Banning the whole open source software is like banning software that has "Z" somewhere in the name.

Because you say so? Anything to back it up? From my point of view, and I've been working in IT sector for last 15 years it seems pretty reasonable. You can't have every John and Mary install crap on corporate machines because they feel like it and "ya know, it's free". Who is going to look after those machines if not IT? Who is going to pay for IT's time?

stevenmu

It's reasonable to have controls around the installation of software, who can do it and what software can be installed. But simple blanket banning of all open source software is not reasonable.

TrueDub

fl4pj4ck wrote: »

Because you say so? Anything to back it up? From my point of view, and I've been working in IT sector for last 15 years it seems pretty reasonable. You can't have every John and Mary install crap on corporate machines because they feel like it and "ya know, it's free". Who is going to look after those machines if not IT? Who is going to pay for IT's time?

Open source, not free software.

Banning things like using the spring framework, or Maven, or Tomcat.

fl4pj4ck

Car to answer why is that? From IT perspective blanket banning everything but required software is a great idea. It keeps the cost of maintenance down, increase productivity (i.e. work instructions, training etc.) and minimizes potential disasters

fl4pj4ck

TrueDub wrote: »

Open source, not free software.

Banning things like using the spring framework, or Maven, or Tomcat.

Now you're being very specific. I don't see anything unreasonable with banning Spring/Maven or Tomcat in a n Accountancy firm.

mad turnip

increase productivity

What?

You would be forced to write so much more of your own code to do what another open source applications already achieves, you would literally spend 100x times more time on stupid tasks that you could use open source software for.

syklops

fl4pj4ck wrote: »

Car to answer why is that? From IT perspective blanket banning everything but required software is a great idea. It keeps the cost of maintenance down, increase productivity (i.e. work instructions, training etc.) and minimizes potential disasters

Quis costodiet ipsos custodes?

It depends who chooses what the required software is and is not. If they have a good, well rounded knowledge of all IT functions in a company, then great. If not, well, it could have costly consequences.

No Open Source, so no putty. How do you connect/configure routers and switches? No Apache, so now you need to go and buy Windows and IIS for your webserver and transfer the content.. Id love to see the look on the managers face when you tell him you have to get rid of all the new Smart TVs, because they run linux and contravene the no Open Source policy.

percy212

Locked down desktops for developers. No installation of anything of any kind other than standard tools. Dropped fairly quickly........

moycullen14

fl4pj4ck wrote: »

Car to answer why is that? From IT perspective blanket banning everything but required software is a great idea. It keeps the cost of maintenance down, increase productivity (i.e. work instructions, training etc.) and minimizes potential disasters

Yeah but it's not about keeping 'IT' happy. This is where I have a problem with trying to develop in non-core companies. IMHO IT or sysadmin, really all management, is there to facilitate and help development. You just don't get that attitude in non development organisations. If a company is happy to have me wasting time, fighting useless policies and re-inventing the wheel then they don't value what I'm doing and I don't want to work there. Simples.

Sparks

Kinda hard to answer this one without risking breaking NDAs.
Which sortof is an answer in and of itself I suppose
I think perhaps the daftest one I've seen that I can talk about was the policy (from quite a while back but not so far back that subversion didn't exist) that we could only work on the production server after business hours.


Please note, I didn't use the word "deploy" there...

moycullen14

syklops wrote: »

Quis costodiet ipsos custodes?

It depends who chooses what the required software is and is not. If they have a good, well rounded knowledge of all IT functions in a company, then great. If not, well, it could have costly consequences.

No Open Source, so no putty. How do you connect/configure routers and switches? No Apache, so now you need to go and buy Windows and IIS for your webserver and transfer the content.. Id love to see the look on the managers face when you tell him you have to get rid of all the new Smart TVs, because they run linux and contravene the no Open Source policy.

But it does happen. Linux? No, use HP-UX or AIX. Apache? No, websphere. MySQL, no ORACLE. God, the money people waste on crap is unbelievable.

If it was coming out of the IT director's pocket, you'd see proprietary stuff dropped like a hot potato.

DublinWriter

moycullen14 wrote: »

MySQL, no ORACLE.

Oracle own mySQL...delicious ironing.

Sparks

moycullen14 wrote: »

Yeah but it's not about keeping 'IT' happy.

In fact, "IT" is the wrong department. In our case it's called "Business Controls" and unless you just felt the room get colder and saw the colours fade a little, you don't have a full understanding of the problem. The running joke is that they're not so much employees of the company as they are the Auditers from the Discworld novels.

In other words, we're not talking about a bunch of sysadmins here with odd ideas and no sensible oversight, we're talking about a group of people handed a large wodge of rules (often dozens of pages worth) by Legal (and yes, all the colour just faded out completely when you said that) and who are responsible for implementing those rules and failing to do so means some nasty chats with HR (blind yet? You should be, it's for your own protection...)

syklops

moycullen14 wrote: »

But it does happen. Linux? No, use HP-UX or AIX. Apache? No, websphere. MySQL, no ORACLE. God, the money people waste on crap is unbelievable.

If it was coming out of the IT director's pocket, you'd see proprietary stuff dropped like a hot potato.

Im not saying it doesnt happen, of course it happens and is an excellent mention for "ridiculous IT policies".

No linux, but you can use AIX? I think Id cry.

No, as another poster said, I simply wouldnt want to work there.

Funny how AIX got a mention. Was working securing AIX servers. Was asked to get the patches installed on 50 servers. Fine, says I, I'll bash out a quick perl script to connect to each server run the command and save the output in a report, be done today says I.

No. Its a policy to only allow senior admins write scripts. Everything else must be done manually.

50 servers. I told them with that number of servers it is mathematically certain I will mistype something or make a mistake, a script will do the same thing each time. Sorry they say, thats the policy.

I didn't last there very long.

GreeBo

No external drives/USB keys allowed so we cant steal data.

Though we are all told to bring our laptops home every night for business continuity purposes...

DublinWriter

What's the most ridiculous IT policy I've come across?

Outsourcing.

Full stop.

TonyStark

DublinWriter wrote: »

What's the most ridiculous IT policy I've come across?

Outsourcing.

Full stop.

Yay! Let's hire some consultants in.... What could possibly go wrong.....!?

Risk is managed...oh wait they've gone bust.

DublinWriter

TonyStark wrote: »

What could possibly go wrong.....!?

You mean something like the IT staff who are about to be reassigned to the outsourcing company under reduced pay and conditions suddenly finding that the CEO is accessing porn on his company laptop and going public with it?

Nah...that would never happen *cough*

TonyStark

DublinWriter wrote: »

You mean something like the IT staff who are about to be reassigned to the outsourcing company under reduced pay and conditions suddenly finding that the CEO is accessing porn on his company laptop and going public with it?

Nah...that would never happen *cough*

More in the context of being left shovel the **** of the Celtic Tiger ebbing and seeing some atrocious consultancy work.. I'll save it for the bad code thread.

BrokenArrows

Our IT department insists on leaving Symantec Endpoint configured in such a way that it updates the definitions multiple times a day during business hours. Which is oh so fun as it downloads a 700+ MB updates 4+ times a day, processes the definitions and runs a system scan after it does the update.

I checked the IO byte count of the update process on my computer which has been running for 20 days. The byte count was at something like 17 terabytes. That's insane and that's not even counting the virus scanning which occurs under the windows System process.

PrzemoF

fl4pj4ck wrote: »

Car to answer why is that? From IT perspective blanket banning everything but required software is a great idea. It keeps the cost of maintenance down, increase productivity (i.e. work instructions, training etc.) and minimizes potential disasters

You're nicely mixing "open source", "free software", "free, but no source" and "everything, but required software" together. Controlling what is on a PC is one thing and simply banning software because it's open source is another.

moycullen14

PrzemoF wrote: »

You're nicely mixing "open source", "free software", "free, but no source" and "everything, but required software" together. Controlling what is on a PC is one thing and simply banning software because it's open source is another.

Very true. I wouldn't mind IT departments controlling what is on machines if they didn't do such a half-a**ed job of it. As a contractor, it would be great to have a complete, up-to-date machine with all the software I require on it AND have it working.

I don't know how much time I've wasted over the years manually configuring stuff that just doesn't work.

fl4pj4ck

PrzemoF wrote: »

You're nicely mixing "open source", "free software", "free, but no source" and "everything, but required software" together. Controlling what is on a PC is one thing and simply banning software because it's open source is another.

No I am not. You don't seem to realize that allowing or disallowing certain software to be used is ultimately a business decision. What a business needs is a set of tools to accomplish certain range of tasks. Decisions needs to be made regarding availability of these tools, the cost of them being introduced and cost of the IT infrastructure being maintained. And it has nothing to do with what employees are thinking is the most productive. It's the business decision when case studies are performed.

Also all processes have to be documented to certain extend, to achieve certifications as ISO. To be compliant with those, a company cannot simply allow employees to use whatever tools they like.

You on the other hand seem like open source evangelist with a little or no knowledge of what impact it has on business or business improvement process. Allowing people to use whatever tools they want is only asking for trouble and will ultimately lead to disaster.

As you failed to provide any evidence of why using open source software is beneficial and should be allowed without any if's and butt's, I will refrain from further posting in this thread.

stevenmu

I think you're missing the point. Yes, it can be important to have governance and controls around what software gets installed. And it's very reasonable that organisations will have a procedure to decide what software gets selected that will have a number of factors.

But ruling out open source entirely doesn't help that in any way. The only difference it makes is artificially limiting what choices of software are considered. Lets take a quick and simple example:


Suppose a team (it could be a team of developers or any other team) decides they want to build an internal knowledge base. Requirements get analysed, business cases get drawn up, change requests get made and risk logs get signed off on. It's decided as part of this that a Wiki is the best way to let everyone contribute and manage it. It gets approved by everyone who needs to approve such things, a preliminary budget is granted, everyone gets excited, it's going ahead, new software is going to be deployed and nothing can stop it now. All that needs to happen is to decide what Wiki software to use.

Now I'm not hugely familiar with many Wiki engines, but afaik the two best are MediaWiki and TikiWiki, both of which are open source. The only closed source one I'm aware of is built into SharePoint, and as much as I love SharePoint and think it should be used by everyone, it's Wiki functionality isn't the best out there and if that's all you're interested in then it's also complete overkill.

Now if open source is ruled out automatically you are straight away ruling out the two best options available to you and insisting on a solution with less Wiki functionality. And SharePoint is certainly not going to require less training, support or management than a simple open source Wiki engine running on a LAMP or WAMP server. Ruling out open source has not helped in any way, and in fact just made things slightly worse.


And fwiw, I'm not an open source advocate. I rarely use open source software, I work almost entirely within the Microsoft stack and regularly argue the benefits of Microsoft based solutions over open source ones. But, I also believe in the right tool for the job.

PrzemoF

fl4pj4ck wrote: »

To be honest OP, nothing in your stories seems unreasonable from IT point of view.

That's about open source.

fl4pj4ck wrote: »

Because you say so? Anything to back it up? From my point of view, and I've been working in IT sector for last 15 years it seems pretty reasonable. You can't have every John and Mary install crap on corporate machines because they feel like it and "ya know, it's free". Who is going to look after those machines if not IT? Who is going to pay for IT's time?

That's about free software

fl4pj4ck wrote: »

Car to answer why is that? From IT perspective blanket banning everything but required software is a great idea. It keeps the cost of maintenance down, increase productivity (i.e. work instructions, training etc.) and minimizes potential disasters

That's about "anything, but required software"

And you say: "I'm not" [mixing]??

fl4pj4ck wrote: »

No I am not. You don't seem to realize that allowing or disallowing certain software to be used is ultimately a business decision. What a business needs is a set of tools to accomplish certain range of tasks. Decisions needs to be made regarding availability of these tools, the cost of them being introduced and cost of the IT infrastructure being maintained. And it has nothing to do with what employees are thinking is the most productive. It's the business decision when case studies are performed.

Also all processes have to be documented to certain extend, to achieve certifications as ISO. To be compliant with those, a company cannot simply allow employees to use whatever tools they like.

You on the other hand seem like open source evangelist with a little or no knowledge of what impact it has on business or business improvement process. Allowing people to use whatever tools they want is only asking for trouble and will ultimately lead to disaster.

As you failed to provide any evidence of why using open source software is beneficial and should be allowed without any if's and butt's, I will refrain from further posting in this thread.

Great! Here you go: A couple weeks ago I used gimp (yes, that open source image manipulating software) to save a project for a _huge_ client. It got included in the official procedure for that project. Gimp saved the bacon and we managed to get everything ready before the deadline. Gimp was used to fill the gaps in proprietary software functionality.

No way I could do it without open source. Getting photoshop licence approved would probably take me a week or more as I don't use any image processing software on daily basis.

I never said that open source software should be used without any restrictions just because it's open source and you never proved that open source software should be banned in certain situations just because it's open source.
/rant mode off

croo

re: Open Source
I think the point people are making is not that everyone should be allowed to install & use whatever software they ant but that software should be excluded from the list of prescribed software based on the fact that you have access to the source code. It anything it would make more sense to me for the opposite to be the de facto stance.

From my own experiences. It wasn't an IT Policy as such but the strangest request I was ever given was...

Long time ago, in a land far far away, I was tasked with defining an interface between a mainframe application I maintained and a vax based system in a subsidiary company. After some time defining the structure & data (records & fields etc) of the interface, I asked what form the interface might be, e.g. tape (tape would have been the norm at the time … I did say it was long long ago!!) or an file transfer, batched or real-time etc.
"Printed", was the answer, "Printed... on paper."
My counterpart maintained it would be cheaper to hire a room full on “data entry clerks” to (re)enter the data by hand than get a coder to write a load program!?
Needless to say I was pretty astounded - but that’s how it was done!!

That was probably the craziest thing I ever was asked for but there are other things close behind.