Orgs in the k1200
Hi,
We have the k1200 and we've got several separate IT departments. There's a debate going on whether or not orgs would be the best way to handle those personnel. I'm wondering what other k1200 (especially Higher Education) implemented for their Kbox?
Our debate is between two camps:
1) flat structure
-Global changes and reporting are available and everyone has the same level access
2) Separate Orgs
-Each org takes care of itself, less chance of error but global reporting suffers because reports have to be generated per org
We have the k1200 and we've got several separate IT departments. There's a debate going on whether or not orgs would be the best way to handle those personnel. I'm wondering what other k1200 (especially Higher Education) implemented for their Kbox?
Our debate is between two camps:
1) flat structure
-Global changes and reporting are available and everyone has the same level access
2) Separate Orgs
-Each org takes care of itself, less chance of error but global reporting suffers because reports have to be generated per org
0 Comments
[ + ] Show comments
Answers (1)
Please log in to answer
Posted by:
nbs
12 years ago
We're not an educational organisation (retail shop industry), however I have split out to two organisations as the two enviroments are not overly similiar.
1/ 'Above store staff', these people have their own PCs (mostly laptops) and are the office staff or area managers / field HR / Development, etc.
2/ 'Stores', these are the store office PC and tills in each store.
The above structure allows me to contemplate giving the store support team access to KACE without compromising above store, and more importantly, vica versa, the threat of an overzealous above store tech pushing down an untested patch or software to 4000 devices on a friday afternoon (mostly store tills) is, concerning.
As the two structures are generally different there isn't much that needs to be shared between the two.
Where I have a situation where the organisation is the same in regards to jobs, labels and reports we have accepted a flat structure (there was an idea about giving individual franchisee's access to their store devices via KACE, however we have 40 franchisee's and the idea of replicating jobs, reports and labels across all 40 and keeping them in sync killed the idea).
Some other way of defining security boundaries other than organisations would be great, for example if we could perhaps nest organisations under a master organisation wit the nested organisations sharing the labels / jobs / MIs etc that would do the job far better than the current situation for us. (feature request! feature request!! :D )
1/ 'Above store staff', these people have their own PCs (mostly laptops) and are the office staff or area managers / field HR / Development, etc.
2/ 'Stores', these are the store office PC and tills in each store.
The above structure allows me to contemplate giving the store support team access to KACE without compromising above store, and more importantly, vica versa, the threat of an overzealous above store tech pushing down an untested patch or software to 4000 devices on a friday afternoon (mostly store tills) is, concerning.
As the two structures are generally different there isn't much that needs to be shared between the two.
Where I have a situation where the organisation is the same in regards to jobs, labels and reports we have accepted a flat structure (there was an idea about giving individual franchisee's access to their store devices via KACE, however we have 40 franchisee's and the idea of replicating jobs, reports and labels across all 40 and keeping them in sync killed the idea).
Some other way of defining security boundaries other than organisations would be great, for example if we could perhaps nest organisations under a master organisation wit the nested organisations sharing the labels / jobs / MIs etc that would do the job far better than the current situation for us. (feature request! feature request!! :D )
Rating comments in this legacy AppDeploy message board thread won't reorder them,so that the conversation will remain readable.
