I’d been slowly compiling a list of points on the topic of corporate users being allowed administrative rights on their systems. Not that I want users to have such power, but what if it’s not your choice? What if it costs more to piss off your users and steal creativity than it does to exert draconian control on their systems? The sort of a topic that goes into what to do in such an environment to tip the scales back in the IT/Sec team’s favor.
Seems a similar story has run on InfoWorld, been Slashdotted, and mentioned elsewhere. Nice discussion! Hopefully soon I can tie up my own post, but, being a braindump sort of post it seems never-ending!