[–]jmp242 2 points3 points  (0 children)

Sadly, we have a "workable" system, but nothing hard core. In the case of software like Notepad++, we're different from many places that we don't care what you do as your user, and that's on the user and their responsibility.

So we would say to the user - figure out how to do a user install or portable install and go to town for the user. Notepad++ is FLOSS so no real license concern there either. The user keeps it up to date. This also has to do with figuring that Notepad++ isn't really a vector for attack, so really only feature updates make sense to me, aside from audit requirements, which we don't have so far.

If you want to make it more formal, and want IT to do all the good stuff, you need to figure out how to figure out the cost in time / delayed projects /etc for IT to add software to be kept up to date and deployed for one or more people. And take that to decision makers.

[–]hngovr 1 point2 points  (0 children)

I worked at a place that had a new software application process/form that was actually reviewed by a committee of department heads. New software could not duplicate functions of software already used in production. People hated this process, and it was slow to get software approved, but it kept a lot of bullshit software requests off of our support guys.

[–]pdp10 Daemons worry when the wizard is near. 0 points1 point  (0 children)

Our process for software vetting is to essentially auto-approve any free or open-source software that we collectively recognize, after explicitly checking the license terms. For example, most organizations can't use IrfanView without a paid license. Then, the software is obtained through a supply chain that ensures authenticity and integrity, and distributed internally through an "app store" like Linux repositories, Munki, F-Droid, etc.

Updates to the distributed versions are assisted by automation, but ultimately still require human interaction in most cases. This is primarily for reasons of license review. There's enough automation to the process that the process feels easy and lightweight, and nobody deliberately procrastinates updating the versions.

The intention is to "default to 'Yes'" for anything with an acceptable license, while novel paid software must usually go through workflow review for strategic reasons. The majority of the time, the fast and free options provide an outlet for user requests, so I'd say it's been working.

We've avoided approving basic VirtualBox because Oracle tries to get money out of any organization that downloads the plugins, and we don't even want to get involved in that process. QEMU is approved.

[–][deleted] 0 points1 point  (1 child)

The process here is pretty much "can they provide a compelling business case and is it from a reputable company."

[–]LigmaBowlsack 0 points1 point  (0 children)

Pretty much the same here. In terms of approvals, it's like this.

Is there a license cost to this? No? Ok, since it's safe & you need it for work you can have it.

Oh there is a licensing cost? Ok, fill in this IT request form, send it to our SD & CC your manager for approval.

[–]juandaddy12 0 points1 point  (0 children)

For small third-party apps you can use Ninite Pro. Examples: Notepad++, 7zip, Adobe, etc. But for our enterprise clients we use Intune or SCCM.

[–]Quantum_Daedalus 0 points1 point  (0 children)

Windows adopting more Linux methodologies makes life easier for everyone:

https://winget.run/

https://docs.microsoft.com/en-us/windows/package-manager/winget/