[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 238
  • Last Modified:

Purchasing kit outside normal procurement rules

I am trying to put together a comprehensive list of risks/issues that arise from the following scenario - to identify as many issues/risks as possible to help quash this sort of practice. Corporate policy dictates IT equipment has to be purchased via our 3rd part outsourced IT contractor. A sub department of our company has taken it on themselves to purchase a number of iPad devices without doing this through the proper channels. What kind of issues or risks does this create? What does could purchasing equipment through your IT bring? How does the purchasing of IT kit work in your environment?
0
pma111
Asked:
pma111
1 Solution
 
giltjrCommented:
Who you actually purchase it from typically does not matter, unless you get some sort of discount.  The issues?  That depends.  When purchased outside the normal channels:

Who will support it?
Will it work with your current environment?
Are their security risks?
Were maintenance contracts purchased?

If your IT contractor will not support anything that they don't purchase, then as long as the "users" are aware that they are on their own for anything they buy and if it does not work on your network or does not meet your security standards then let it happen.  However I do realize that some users don't care about that and even if they don't follow the rules they want you to make it work.

It's tough, but that is the way it has been for as long as I have been in the business, 30 years.


We have a purchasing group where there is one employee that specializes in purchasing IT equipment.  However, we have some departments that don't see some equipment as "IT" related equipment and thus just get it on their own and the IT group don't find out about it until it is asked to connect to the network.  Example:  LAN attached copiers, LAN attached faxes.  I'm not talking about the desktop multifunction devices.  I'm talking about the copiers that stand on the floor.  That is a "copier" that just happens to connect to the LAN, not a piece of "IT" equipment.

Now, some of this you may have to learn to semi-support no matter what.  In this day of bring your own devices or having a requirement to allow guests to connect to your wireless network, not a whole lot you can do about it.  Our wireless LAN supports having multiple SSID's.  We have created 3 SSID's for 3 different security zones.
0

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now