Systems Management

Well I don't work for a school or university, but if it'll help anyways I'd be happy to answer! I work for a privately owned corporation, we have offices around the world, but are mainly based in the US, but have around 800 employees world wide and 500 in the US.

1. We're currently using KACE. We hope to have remote site replication working for our external offices by the end of the year.

2. It is mandatory. The end goal is to have all of our machines deployed via KACE. Our goal for imaging is to have PCs imaged and to the end user ready to be used within an hour of needing it.

The process varies depending on the situation but largely falls in to two groups: Upgrades and New Machines. While this isn't as verbose as the build documents we have here's the gist.

(1) Machine comes in, if data needs to be backed up we back it up to a storage server.

(2) Make any necessary BIOS changes and boot into the Kace Boot Environment

(3) Select the scripted install we want to run and start the process

(4) If needed, finish any extra software installs and put the user's data back onto the machine.

Depending on if we need to backup data or not, and just how much extra software that particular user requires, we can have the machine done in around an hour and a half.

4. So far we've received glowing praise for the speed KACE has brought us. Privacy hasn't really been an issue as the users didn't buy nor do they own the machines we're using. Since they're company property anything private is put on there at their own discretion and they're aware of that. Though we don't have to, we like to back up and restore the users music, videos, and pictures even if they're not work related (as long as they're not something like porn) simply to provide a better end user experience. But that's really up to your group and how much give you want to have when it comes to personal information on company equipment.

I hope this helped!

I used to work for a business partner to a large university.  Basically, what we heard happening was that profs, etc. wanted to do what they wanted and then have IT just help when they couldn't do what they wanted, or messed up and needed help fixing something.  It's an expensive model of doing things - the users bought what they wanted, demanded admin rights, and only wanted IT around at certain points. 

As the business partner, we were able to mandate participation in our asset management/software distribution system (ZENWorks).  So we were at 100% compliance for the Windows devices on our network.  We did not bill back.

Someone always worried about privacy - the best answer I ever heard to that was when I asked the question before I worked in IT.  "Look, we need certain people to have access in order to manage the systems.  If we start going around where we have no business, we shouldn't be doing this job.  In other words, either trust us or fire us." 

There isn't much of a concern with software distribution, anyway.  You're sending software, not accessing their stored files.

We created multiple orgnizations to control the sections seperatly from the single box.  This allows you to customize that section how you/they want.

As to privacy the computers are the property of the college not the individuals.  Our Director runs the policies and settings by a tech commitee and if they sign off it is so.  We have a couple of staff that cry academic freedom, their dean and that faculity member both have to agree to making that person an admin.  At that point we stop supporting that workstation.  If network security or AV reports a problem with that unit we step in to shut down the unit and they are reimaged and loose all admin rights.  While they are an admin the support we provide is to reimage.

I work for medium size university with about 4000 machines right now in kace.

1. Are you using a centrally managed enterprise desktop management solution (eg. BigFix, Altiris, LANdesk, Kace, SCCM)?

We used Kace 1200 and Ghost for imaging

2. If so, is it mandatory or an opt-in service? How big is your deployment (rough % of systems being managed? Can you share your policy or document that describes the process?

4000 machines

It's close to mandatory (it's a standard operating procedure), we basically explain what Kace is and how it helps the end customer. We found it better to use a soft sell then a hardone. I'd look at Marshall University, they using Kace and have a big blurb on their website about it.

3. Are users or depts billed for the service?

Not at this point, the cost is built into IT. I could see it being built into an SLA, but asking for a customer to pay for it, will have most opting out. We tried this it doesn't work, it's better to have Kace on then to be left without and then have to go deploy it manually.

4. Any problems with faculty and privacy concerns with a managed deployment? If so, can you briefly describe the campus approach to your solution for these concerns?

I found that if the installs happen at night during a late hour 1 to 5am, no cares or noticies. I have messages pop up during the installation that tell the user that it's going to happen and I've never gotten a call in the two years we've run kace.