Why does 501tech prohibit their clients from having domain admin or local admin rights to our network and/or end user devices?

The mission of 501tech is all about expanding the social impact of our clients. We do this by providing nonprofits with low cost, high quality, highly efficient products and services. Technology is the means to the end rather than the mission itself. The low cost of our services reflect our donor support, representing 53% of our budget, as well as a commitment to efficiency in all that we do.

We know from experience (and long established best practices in the IT industry) that granting end users admin rights inevitably creates support problems. These problems run the gamut from software interoperability issues to decreasing device responsiveness due to poorly written software to licensing infringements to virulent and recurring malware infections.

When these issues occur, 501tech is contractually bound to resolve them in a timely manner at no additional cost whether they were preventable or not. And when there is no record of what has been loaded on what device by whom and when, the resolution can be very time consuming. And again, 501tech bears sole accountability for the resolution no matter how time consuming that becomes. Our contract with the client does not permit us to charge for this extra effort.

The situations requiring admin rights typically involve needs that are known by the client well in advance. Examples include installations of software, printers or copiers, surveillance or access systems, and phone systems. Again, these needs rarely occur without some advance discussion and planning on the part of the client. And when 501tech can be part of the planning, we can help ensure that the client is getting the right product at the right price and work to ensure a smooth implementation.