I got a new computer at work today that has been uber big-brothered.
I cannot install programs on it without IT doing so on my behalf. I wouldn't be surprised if they keylog. This is what happens when you work at a hospital, and HIPAA fines can demolish the institution. As a researcher, I never have any patient data, but that doesn't matter to our lawyers, or IT.
When they came to take away my old XP computer, they were dissatisfied to see that I had partitioned my harddrive. That is something that I no longer can do.
I can't help but see this as a hostile act, and it has forever soured my opinion of the institution, and made clear their opinion of me.
Also, someone took my stapler.
System administration isn't our wheelhouse anymore, but when it was it went like this:
You get your choice of:
* You get our locked-down canned configuration. It will allow you to do you job, anything you can do in the browser, and use iTunes because we are not heartless. You do not get to install anything else, you do not get to alter any configuration, and if your home directory takes up too much space on our fileserver we will delete things according to our whims and, probably, make fun of your tastes in music and/or pornography. If you have problems we will take care of you; if one of the actual sysadmins is around they'll even be friendly about it, if not, eh, we'll try.
* We give you hardware, you put whatever you want on it. If you have problems that aren't hardware issues, you deal with them yourself. If it's a hardware issue we'll replace it; if your problem affects other people/is a security issue for the company and you can't quickly fix it yourself you get our locked down canned configuration.
This worked well and, while we weren't a bank, we were sitting on a lot of data we would rather not have been sitting on.