How to maintain hardware and software

The management of hardware and software assets has become much more complex since the days when the corporate user had one PC on the corporate LAN running a small number of applications. These days, users employ a range of applications on their PCs, laptops and handheld devices, each requiring support. The complexity is compounded by the increasing number of corporate users working on the road or in remote offices that are beyond the reach of traditional LAN-based management systems. With more systems and more applications in more places, budget-constrained IT departments face a considerable challenge.

In addition to cost and control considerations such as inventory and asset management, or logistical concerns such as technical support, hardware and software management is in many ways a security issue. As more people work from remote offices, on the road or from home, IT departments have come to realize that user-initiated configuration changes and out-of-date software on remote machines are the new weakest link in corporate security. The following are four considerations for the simple, secure management of hardware and software assets in the enterprise:

1. Discovering and Tracking Hardware and Software

[ Related: Windows 10 Redstone: A guide to the builds ]

Simply put, the first step toward the effective management of hardware and software is learning what hardware and software is deployed. As employees change departments, new people are hired and existing employees leave the company, PCs and other devices are redeployed and loaded with different software versions. As a result, it can be very difficult to track hardware or software seat licenses for the purposes of resource deployment and the management of IT spending. Discovering all hardware and registered software can help save you money, and identifying unapproved software on a device might save you from a destructive virus or hacker.

Easy does it: The IT staff requires a means of silently and automatically discovering every piece of the hardware on the network, as well as what version of what software is on those devices. Look for a solution that is easy to deploy and integrates easily with your existing infrastructure. Your solution should update information about each system in real time, and enable you to view and assess the needs of groups of devices or users separately from the larger group.

Holding handhelds: Many companies haven't set corporate standards for the types of handheld and mobile devices that are supported. Very often, employees purchase their own devices and are using them to access sensitive corporate data. Discovery of handheld devices is a critical security issue because they are so easily lost or stolen, along with confidential client or corporate information and passwords stored on the device. If you didn't know one of your employees was synching his email to a PDA, you wouldn't know when the person who stole the device does the same. Your asset discovery and management solution must be able to discover a range of mobile devices when they connect to your network through a cradle or wireless access point, as well as identify what software is installed on them.

Keeping things fresh: By having a clear, up-to-date picture of your hardware and software assets, your company can be much more nimble in allocating resources for IT infrastructure. Hardware and software upgrades, software license purchases and asset obsolescence can be forecast more accurately for future requirements.

[ Take this mobile device management course from PluralSight and learn how to secure devices in your company without degrading the user experience. ]

2) Software Distribution

Your IT department faces the ongoing challenge of distributing new software, virus profile updates, operating system patches and updates of existing software. The objective here is to push out updates to PCs, laptops and other mobile devices, without requiring workers to insert CDs or download files. Deployment of software should take place without the need for user intervention and without using bandwidth users require to keep working.

You are the IT professional: Don't rely on a busy employee to install a security patch correctly -- or at all. Enforce corporate security standards and optimal system configurations from a central management console. Dropping off or sending CDs for a user to install wastes the employee's time and will make more work for your help desk when the install goes wrong.

Out of office: While the bulk of the devices on your network are probably PCs, it's important to employ a management solution that can accommodate the special needs of mobile and remote workers. Timely distribution of virus profiles or security patches is extremely important in these situations, since mobile and remote devices operate outside your corporate firewall. Since users generally connect to the network on a dial-up or wireless connection, software deployment should use as little bandwidth as necessary and pick up where it left off if the connection is dropped. Shipping CDs to mobile or remote users is expensive if you have a lot of them, and it means low productivity for at least a day.

Take it away: The other side of the software distribution challenge is the removal of outdated or unauthorized software from employee systems. Your systems management solution should enable you to remove software when a newer version of an application is deployed, when deployment of an application exceeds the number of licensed copies, or when a user downloads and installs an application that threatens network security. If a PDA or laptop is lost or stolen, it might even be necessary to delete any sensitive data or applications before the new owner causes any damage to your network.

3) Help Desk Support

As long as humans are using computing devices, they will need to speak to another person when something goes wrong. However, help desk requirements can be minimized with a comprehensive management strategy. That strategy should include options for remote control of mobile devices and easy access to information about the user's machine.

Excellent visibility: Knowing everything about a user's system from the start of a help desk call radically simplifies the job of tech support personnel. If tech support can see which version of the user's operating system is installed, relevant patches can be sent immediately.

Anywhere they roam: Shipping PCs back and forth for minor problems that could be remotely fixed means considerable downtime for that employee. But whether the user is down the hall or in another country, you can minimize the amount of time IT staff spends on user support by implementing a management tool that allows help desk staff to remotely control and troubleshoot the system. In instances where the user has only a phone line to connect to your help desk, the management solution should enable communication with the user via an instant messaging application or chat tool.

4) Image Updating, Retiring Assets and Migration

In these budget-conscious times, IT organizations must often choose to upgrade rather than replace older systems. However, replacing the operating system on a large number of PCs and laptops can be a monumental task, with drastic implications for worker productivity.

Nice and easy: Choose a management tool that can enable automatic, global operating system migrations across your entire network. Again, operating system upgrades should be free of CD shipping and/or user intervention, in order to keep employees working and complete the update in a reasonable amount of time.

Group dynamics: Different departments in your organization, such as sales or research and development, likely have different needs for system configurations. Some groups' system images change frequently, while others are relatively static. Employ management solutions that can address the needs of different groups, rather than applying a one-configuration-fits-all approach.

Make it personal: When reimaging or migrating a user system, it is important to protect user settings and information. For many users, losing their Web bookmarks, contacts or VPN settings would be catastrophic and mean hours of unnecessary searching for information and calls to the support desk. Your management solution should be smart enough to detect user settings and replace them once the new operating system is installed.

The Bottom Line

If your IT department is like most, they are understaffed and have a million things to do, above and beyond critical systems management tasks that directly impact the productivity and security of your organization. These management tasks could easily be administered with the right set of tools. Your IT organization requires a solution that is comprehensive, easy to deploy and easy to use. Otherwise, the growth of mobile and remote user populations and their associated support headaches will bury your IT staff in mundane maintenance tasks and leave your organization open to preventable security breaches.harassment. According to research reported by The Atlantic, companies that are male-dominated, hierarchical, and forgiving of bad behavior tend to have hyper-masculine cultures that promote aggressive, competitive relations. This “locker room” environment includes treating women as “sexualized pawns” and discourages men from pointing out inappropriate acts by their colleagues.

Policies that are issued but not enforced can be worse than having no policy at all. Sexual harassment is most likely in smaller, privately held companies where those at the top are not accountable to anyone. According to Peter Cappelli of the University of Pennsylvania’s Wharton School, “Bigger companies have very sophisticated policies and practices against sexual harassment, and in the biggest public companies, the CEOs are held accountable for their behavior by the board of directors.” Inaction is prima facie evidence of a hostile work environment and a violation of Title VII of the Civil Rights Act.

Your company’s educational program should:

·         Provide examples of potential stereotypes and biases that can lead to harassment

·         Note that anyone who experiences, witnesses, or becomes aware of abuse is required to report it immediately

·         Confirm that complaints of harassment will be treated confidentially to the greatest extent possible and only shared on a “need-to-know” basis or as required by law

·         Detail the process and schedule by which a claim of harassment is investigated and adjudicated

The education process should begin at the time of an employee’s initial hire and be reinforced through periodic discussion and refresher courses. Document all instances of training with times, dates, attendees, and instructors to provide legal evidence of your company’s intent and effort to provide a harassment-free workplace.

Many states have passed specific laws and requirements for training that are more extensive than those required by federal law. Unfortunately, the responsibility for investigating claims varies from state to state. Those who have a potential case are best advised to contact a local state representative or senator for directions on how to proceed.

3. Address Romantic Relationships Between Employees

Employees dating is an issue every company must deal with head-on, rather than waiting until a situation arises to determine their course of action. Some companies take a hard line, forbidding romantic relationships between employees, vendors, and customers to eliminate harassment possibilities. Others require that employees notify the company and sign a “relationship contract” stating that the relationship is consensual and confirming that each party has read and will comply with the company’s written policies on harassment.

The decision to accept or prohibit employee relationships is especially difficult for small companies. Ashley Hunter, the owner of a small insurance company with eight employees, implemented a policy that banned relationships between co-workers and vendors, saying, “If you’re in a billion dollar business, you can weather those problems [claims of harassment], but I can’t.”

4. Set Up Multiple Options for Complaint Reporting

If your anti-harassment policy restricts reporting to direct supervisors, it is worthless since the supervisor may be the harasser. Companies should have two or more separate and unrelated contact persons — such as the head of Human Resources, an inside or outside legal counsel, or the person responsible for the oversight of the anti-harassment program — to whom complaints can be reported. Some companies utilize a 24/7 hotline where employees can make allegations anonymously.

Your policy should include a statement that employees will not be subject to retaliation for submitting a complaint. Note that this protection does not excuse malicious or false charges or protect individuals who knowingly engage in such actions. Management should confirm their legal position before taking action against anyone who has filed a harassment complaint.

Where abuse has been discovered or suspected, companies often direct their HR department or a third-party auditor to periodically review company culture and ensure compliance with company policies.

5. Protect the Accuser

Upon receiving a complaint of harassment, the employer should take immediate steps to stop the alleged conduct, protect the rights of the parties, and begin an investigation. Since every action of the investigators might become part of subsequent litigation, documentation of each step of this process is essential.

Separating the accuser from the accused through a transfer, schedule change, or leave of absence might be necessary to avoid retaliation. However, it’s essential that the accuser does not view your action as punishment for reporting the claim. Understand your legal position before taking any action that might escalate the issue.

6. Impartially Investigate Complaints

Most companies rely on their HR department or legal counsel for the investigation of a sexual harassment complaint. The person or persons designated to investigate the complaint must be respected within the organization, have no personal stake in the outcome, and be able to be a credible witness if litigation results. Also, investigators should have:

·         Working knowledge of employment laws

·         The ability to investigate the claim without prejudice

·         The interpersonal skills and temperament necessary to build rapport with the parties and conduct interviews

·         The skills necessary to develop and implement a complete plan of investigation, including identifying the issue, parties, and witnesses; which questions to ask each party; and how to document the process and preserve records

7. Take Meaningful, Appropriate Action

When the investigation is complete, the employer is responsible for determining and implementing corrective action based on the recommendations of the investigators. The appropriate outcome will recognize the severity of the offense, any damage done to victims, previous incidents of all parties, and the company’s legal vulnerability.

Advise the accused and the accuser of the findings and any subsequent disciplinary action taken. If possible, secure the written agreement of the accuser affirming that they have been given a full opportunity to be heard and understood, even if they disagree with the outcome. Finally, schedule follow-up meetings with the parties to ensure the matter is closed.

8. Document the Process, Findings & Outcomes in Detail

Recognizing that every complaint, subsequent investigation, and outcome can become a matter of litigation, carefully document and date all aspects of the case. The SHRM recommends a final written report that summarizes:

·         The incident or issues investigated, including dates of occurrence

·         Parties involved, including the identity and credentials of the investigator(s)

·         Significant factual and credible findings, including any sources of information referenced in the report

·         Employer policies and their application to the investigation

·         Specific conclusions

·         The party responsible for the final determination

·         Any unresolved issues at the time of the report

·         All employer actions taken to resolve the issue

Taking these steps will protect your company from being charged with encouraging or permitting a hostile work environment.

Final Word

In the ultra-competitive global marketplace, company managers increasingly recognize that employee engagement is fundamental to survival and success. A Gallup poll reported in Harvard Business Review found that companies with highly engaged employees experienced 22% higher productivity, 25% lower turnover, and 41% fewer quality defects. Nevertheless, many managers fail to appreciate the changing diversity of their workforce or take steps to ensure the workplace promotes the engagement and well-being of all employees.

In the era of the #MeToo movement, female employees no longer accept sexual harassment as “business as usual.” Failing to prevent harassment or allowing a hostile work environment has drastically negative consequences for businesses. Companies stuck in the 1950s style of male-dominated management and behavior will become marginalized to the point of extinction.

If you’re an employer, do you find managing employees more difficult with the rise of the #MeToo movement? If you’re an employee, have you been a victim of harassment or a hostile workplace or falsely accused of harassment? What did you think of the process?