Main Nav

This is a topic of ongoing interest here as well. We have just reached the 1 year mark to a more managed environment where we restrict access to local administrator accounts. It has been, as pretty much everyone can guess or knows from experience, painful politically. We have a good process for handling exception requests in place that involves a review board consisting of an administrative staff member, a faculty member and an appointee of the Provost. Requests are reviewed and generally acted upon in less than a week unless there is a need to seek more information (some of the submitted justifications are sketchy or do not contain enough information). Our major challenge has been the number of folks who seem to believe that performing maintenance on "their" computer is part of their job. We also have challenges in getting a good handle on eliminating all of the nuisance popups for updates (Adobe, Java, etc.). While we are doing a better job now, it is still an issue. When it comes to software installations, we are working on a system that will provide a menu of self-service selections. This will operate with our management tool (Altiris) and push those jobs out to the requested computer(s) in short order. Licensing, management, and patching can all be managed in this way and frankly, that is a 90%+ solution right there. As has been commented, the dangers of allowing unrestricted local admin accounts are well documented, and not all of the issues are strictly security related. As only one example, something as common as Java comes with extra software selections *preselected* during installation. If users do not know what to look for and are allowed to self-install, we're going to have a lot of computers running the toolbar in short order. At this point, we know that our support workload has largely shifted from fire-fighting to satisfying on demand software installations and normal configuration issues. The number of pending support tickets has been reduced, at least partially due to this shift in policy. We are also working through plans to further streamline the request process, which will include a self-paced education component plus assessment, ties to the property system (for verifying 'ownership') and partial automation of this process. We firmly believe we are on the right path in terms of how to most effectively deliver high quality support within a very constrained budget. Whether this holds up in the face of the cultural and political hurdles most (if not all) higher ed institutions face remains to be seen, but we are hopeful that it will. ~Jeff Jeff Durfee, CISSP Director, IT Security University of North Florida

Annual Conference
September 29–October 2
View Proceedings

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.


Digital Badges
Member recognition effort
Earn yours >

Career Center

Leadership and Management Programs

EDUCAUSE Institute
Project Management



Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.


EDUCAUSE organizes its efforts around three IT Focus Areas



Join These Programs If Your Focus Is


Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.



2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations

Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.