In balancing ease-of-use with security concerns and compliance with government regulations, the processes by which software downloads are handled and executed have some changes that must be expressed. Firstly, adjustments have been made to comply with new government regulations such as the National Institute of Standards and Technology (NIST) 800-171 Rev. 2. It is also understood that latency from the BPM 12004 process is frustrating, but the legal and fiscal protection that it offers is designed to help you avoid more frustrating issues like software being unusable before purchases have been made. To bring more awareness to the issue of software installation, there is a list of the ways that software installation can be performed detailed below.
The only time that a user should have administrator privileges is when there is a business need that is part of their job function. Experience using the LAPS system over the last several years has exposed the following use cases:
Most use cases put the campus personnel and system at risk and hinder IT’s ability to protect the campus community and manage campus computer and software. There are cases, however, where a non-IT member of campus has responsibility for systems that are still managed by IT. For example, some software installations are difficult enough that only a practiced user of the software can perform them. IT will need to partner with these non-IT community members to perform the installation and test the software to ensure it is functioning properly (see Administrator Delegate Program above).