/build/static/layout/Breadcrumb_cap_w.png

Computer Management Best Practices

I work for a Big10 university and manage the K1000 & K2000 for campus.

We started using Dell Kace on a voluntary basis about a year and a half ago.  We currently manage about 7,000 systems both directly and indirectly (we let depts use the tool to manage their own systems if desired).  We recently partnered with our Procurement Dept on a new, more tightly controlled software distribution process whereby we use the Dell Kace system to manage deployment.  This new process has been met with loud feedback and concerns from faculty/staff over having a client installed and privacy rights, etc.  To that end, we are working on a document for our Faculty Senate that outlines what our peers are doing in this area and would appreciate any quick feedback you could provide on the subject:

 

1.  Are you using a centrally managed enterprise desktop management solution (eg. BigFix, Altiris, LANdesk, Kace, SCCM)?

2.  If so, is it mandatory or an opt-in service?  How big is your deployment (rough % of systems being managed?  Can you share your policy or document that describes the process?

3.  Are users or depts billed for the service?

4.  Any problems with faculty and privacy concerns with a managed deployment?  If so, can you briefly describe the campus approach to your solution for these concerns?

 

Thank you for your feedback!


0 Comments   [ + ] Show comments

Answers (4)

Posted by: samzeeco 12 years ago
10th Degree Black Belt
0

Well I don't work for a school or university, but if it'll help anyways I'd be happy to answer! I work for a privately owned corporation, we have offices around the world, but are mainly based in the US, but have around 800 employees world wide and 500 in the US.

 

1. We're currently using KACE. We hope to have remote site replication working for our external offices by the end of the year.

 

2. It is mandatory. The end goal is to have all of our machines deployed via KACE. Our goal for imaging is to have PCs imaged and to the end user ready to be used within an hour of needing it.

The process varies depending on the situation but largely falls in to two groups: Upgrades and New Machines. While this isn't as verbose as the build documents we have here's the gist.

(1) Machine comes in, if data needs to be backed up we back it up to a storage server.

(2) Make any necessary BIOS changes and boot into the Kace Boot Environment

(3) Select the scripted install we want to run and start the process

(4) If needed, finish any extra software installs and put the user's data back onto the machine.

Depending on if we need to backup data or not, and just how much extra software that particular user requires, we can have the machine done in around an hour and a half.

4. So far we've received glowing praise for the speed KACE has brought us. Privacy hasn't really been an issue as the users didn't buy nor do they own the machines we're using. Since they're company property anything private is put on there at their own discretion and they're aware of that. Though we don't have to, we like to back up and restore the users music, videos, and pictures even if they're not work related (as long as they're not something like porn) simply to provide a better end user experience. But that's really up to your group and how much give you want to have when it comes to personal information on company equipment.

 

I hope this helped!


Comments:
  • Thanks for you reply! This is great info. - sburkey2 12 years ago
Posted by: Arminius 12 years ago
Second Degree Green Belt
0

I used to work for a business partner to a large university.  Basically, what we heard happening was that profs, etc. wanted to do what they wanted and then have IT just help when they couldn't do what they wanted, or messed up and needed help fixing something.  It's an expensive model of doing things - the users bought what they wanted, demanded admin rights, and only wanted IT around at certain points. 

As the business partner, we were able to mandate participation in our asset management/software distribution system (ZENWorks).  So we were at 100% compliance for the Windows devices on our network.  We did not bill back.

Someone always worried about privacy - the best answer I ever heard to that was when I asked the question before I worked in IT.  "Look, we need certain people to have access in order to manage the systems.  If we start going around where we have no business, we shouldn't be doing this job.  In other words, either trust us or fire us." 

There isn't much of a concern with software distribution, anyway.  You're sending software, not accessing their stored files.


Comments:
  • That is very similar to how it is here except the equipment is University owned. Our faculty are more worried about what malicious capabilities KACE could be misused for instead of the major benefits that it is being used for.

    Thanks for your reply! - sburkey2 12 years ago
Posted by: SMal.tmcc 12 years ago
Red Belt
0

We created multiple orgnizations to control the sections seperatly from the single box.  This allows you to customize that section how you/they want.

As to privacy the computers are the property of the college not the individuals.  Our Director runs the policies and settings by a tech commitee and if they sign off it is so.  We have a couple of staff that cry academic freedom, their dean and that faculity member both have to agree to making that person an admin.  At that point we stop supporting that workstation.  If network security or AV reports a problem with that unit we step in to shut down the unit and they are reimaged and loose all admin rights.  While they are an admin the support we provide is to reimage.


Comments:
  • We are currently using the organization setup with over 30 orgs in KACE and only a small handful of people have 'system' admin access to KACE.
    That sounds like a great system. I will see if we can work this into what we are currently drawing up. Thanks!! - sburkey2 12 years ago
Posted by: ms01ak 12 years ago
10th Degree Black Belt
0

I work for medium size university with about 4000 machines right now in kace.

 

1. Are you using a centrally managed enterprise desktop management solution (eg. BigFix, Altiris, LANdesk, Kace, SCCM)?

We used Kace 1200 and Ghost for imaging

2. If so, is it mandatory or an opt-in service? How big is your deployment (rough % of systems being managed? Can you share your policy or document that describes the process?

 

4000 machines

It's close to mandatory (it's a standard operating procedure), we basically explain what Kace is and how it helps the end customer. We found it better to use a soft sell then a hardone. I'd look at Marshall University, they using Kace and have a big blurb on their website about it.

 

3. Are users or depts billed for the service?

Not at this point, the cost is built into IT. I could see it being built into an SLA, but asking for a customer to pay for it, will have most opting out. We tried this it doesn't work, it's better to have Kace on then to be left without and then have to go deploy it manually.

4. Any problems with faculty and privacy concerns with a managed deployment? If so, can you briefly describe the campus approach to your solution for these concerns?

I found that if the installs happen at night during a late hour 1 to 5am, no cares or noticies. I have messages pop up during the installation that tell the user that it's going to happen and I've never gotten a call in the two years we've run kace.  


Comments:
  • Thanks for the reply! - sburkey2 12 years ago
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ