[kashchei]

The good news: my wife's boss is getting her a new MacBook to replace her iMac ver. B. The bad news: the department's IT guy--a Windows user who hates Apple with a passion--has told her that he can't simply turn the machine over to her when it arrives. In fact, he told her that he was going to install an activity monitoring program to keep track of what programs she uses and where the laptop is at all times. Has anyone heard of such a program? If so, is there any way to disable it?

[macnuke]

on windows.. it's easy. on Mac OS, not very.
when she gets it, there is an application in the applications>>utilities folder that is already called activity monitor.
launch it when she gets her MB and see what all is running. if the IT guy added anything, it will show up.
if he cripples her book and only gives her limited user account and no admin access, she really needs to have words with her boss.

[mdawson]

It sounds to me like your wife needs to have a talk with her boss outright. Based on what you wrote, I find it more likely that the IT guy will simply sabotage your wifes new MacBook and give her limited access to her own machine. I have seen this kind of shenanigans from anti-Mac IT personnel before and she needs to have him put in check before he can do any damage.

[macnuke]

oh yeah.. while talking with the boss.... demand IT cough up all the disks that came with the machine.
they really need to be with the machine "in case" when she isn't at the office.
once she has those, all the evil that IT does can be tossed easily.

[schokid02]

I second macnuke's suggestions. Definitely demand to get all the Install discs, and then when she gets the computer from IT she can just to a clean reinstall of the OS.
If for some reason she is unable to get the original discs, then I'd recommend she borrow someone else's or buy DiskWarrior. DiskWarrior will be a good emergency tool and it will also let you reset the admin password so she has full access.

[maflynn]

While I agree with Macnuke's assertion about the disks, I doubt if it will happen.
Whenever I get a new computer from work, I don't get the disks (its a pc). They install a version of windows with various settings already configured and unless you work in IT you won't be an administrator on the computer.
This is done for a variety of reasons. First from a support perspective, they don't want people changing (and breaking xp). They want to reduce the support calls and they don't want people loading software that could compromise the network.
While I don't agree with those practices, most companies have standards and as long as the IT guy does the same thing for PCs as he's going to do for the Mac, you may not have too much of an argument.
Mike

[drmbb]

<edit> /forums/ubbthreads/images/graemlins/frown.gif maflynn beat me to it ,</edit>
While the computer user in me agrees with everyone here, I'd point out that some of the suggestions made here would be potential firing offenses in many corporations.
While companies vary greatly in their computer use policies, they do own the hardware, and have the legal right to control your use of it. Does this machine contain any sensitive data (personal or confidential information, proprietary information or the like)? Many companies do not even allow you to have admin rights on your own laptop - all you get is a regular user account (my brother's bank does this, and they are very strict about discipling laptop users who violate that policy - they even tell everyone that they may use commercial spyware and loggers to ensure enforcement of their IT polciy).
Just saying that before kashchei' wife leaps ahead with any of the suggestions here, she be sure that she is not violating corporate policy or the terms of her employment with whatever she does.

[maflynn]

I may have beat you to the punch, but you converyed the idea of corporate policy better then I did /forums/ubbthreads/images/graemlins/smile.gif

[drmbb]

The latest thing I've heard is companies developing security apps to severely limit even write access to your own laptops hard drive, and crippling external connection ports (firewire and USB) so writeable devices may not be attached.
The rationale is to avoid things like the VA's case of someone wandering around with sensitive data on a laptop hard drive. The intention is to allow laptop users remote, secure connections to work with sensitive data, but to ensure that the data/work is never stored anywhere but the companies secure servers.
Personally, I think it's about time a lot of companies got this serious about laptop use. Many have been far to lax about even thinking about laptops and data security, let only putting any policy into practice.
I know that most people would be careful and conscientious about their work material, but it only takes either one mindless person, or one unfortunate one (good intentions don't stop theft, for example).
/forums/ubbthreads/images/graemlins/grin.gif Of course, I have no idea what kashchei's wife does for a living, so all of this may not be relevant at all.