I work for a major computer manufacturer. 5 years ago I purchased a license for Beyond Compare. I already have the license. It costs and additional $0.00 to install it. However, to be allowed to install it I need:


Pre-approvals are required by:
Your VP
Your organization’s SVP or President
A Category Owner within <company>
A <company> Digital executive and the Chief Digital Officer


Seriously. The VP of my massive company doesn't have anything better to do than approve/deny installations of simple diff utilities I need to do my job.

We're talking an organization with $100 BILLION market cap, and I need VP authorization? You can't find an IT guy to approve/deny these things?

That’s because there’s no upside to the IT with plenty of potential downsides to the company. They don’t know if your software is a Trojan malware.

I have Beyond Compare so I know what it does.

What I’m used to is you can only install what’s available on the company server. Not everyone gets everything so everyone has to justify software that’s not standard for their role.

So, clearly, they don’t want any new software but they leave themselves an out.

It’s the same reasoning as when if you allow your training to lapse, you have to personally see the VP. They don’t want anyone to lapse in their training.

40 years in IT Infrastructure with a close involvement with security, so I have a bit of background in this space.

First and foremost, if the company supplies you with a device, they own the device and get to decide what does, and doesn't, get installed on that device. If you have company owned device, assume that everything you do is tracked and act accordingly.

Conversely, if you supply your own device, I believe the company has no say in what's installed.

Let's assume that you are using a company owned device. A large company may have thousands of computers. The company I worked for had somewhere around 80,000. To maintain some level of security and operational integrity, consistent updates must be installed. Each update requires testing against the suite of installed products to ensure interoperability. Limiting the number of software products makes that task possible.

You state that you need Beyond Compare to do your job. I did a quick search and there are alternatives, many alternatives. There are mechanisms within large companies that allow for changes or additions to the standard software suite, follow up with the Enterprise Architecture team to initiate the process.

I suspect your company already has a product with similar functionality to Beyond Compare. Enterprise Architecture would initiate a process of comparison that determines if one product can provide the necessary functionality or if multiple products are needed and where they can be appropriately deployed.

In addition to the above, there are concerns about security (anything open source has potential for exploit), licensing, Intellectual Property lawsuits, training, support and maintenance.

Yeah, I know I represent Mordac the Preventer. I also represent everyone in IT who attempts to keep the company running. BTDT when 40,000 PC's are down because an update was not fully regression tested and there is a conflict with OS and application. It's not pretty and no one walks away happy.

FWIW, interoperability has greatly evolved over time so the logistics are better but the security, legal and training elements will always present challenges.

I suggest that you request your company to purchase that software and authorize you to use it.

You should clearly state why its purchase would benefit the company.

quote:

Originally posted by fwbulldog:
I work for a ...

I believe the word you're looking for is 'bureaucracy'

In light of the damage done by Crowdstrikes recent upgrade, and the Cyberattack on CDK that has cost the auto industry likely billions of dollars, there is no way in hell I'd install any software on a corporate computer or phone without approval in quadruplicate.

Look at it as a CYA for you, if all those folks sign off it provides some protection for your recommendation should the SHIF...

quote:

Originally posted by HRK:
In light of the damage done by Crowdstrikes recent upgrade, and the Cyberattack on CDK that has cost the auto industry likely billions of dollars, there is no way in hell I'd install any software on a corporate computer or phone without approval in quadruplicate.

Look at it as a CYA for you, if all those folks sign off it provides some protection for your recommendation should the SHIF...

Totally agree. CYA on this.