Send me your contact information, and I'll work up a plan for you. I charge around $200.00 per hour, plus travel, meals, and housing if on-site work is required.

Your summary doesn't give us anywhere near enough information to plan.
Some additional information that would help
1) what is the estimated budget?
2) what sort of 'net connection do you have?
3) how much travel do your folks do?
4) what sort of tech-savvy do your folks have?
5) what is the building like?
6) any planned expansion?
7) what skillets do the it people have? ...

You're looking at a complete overhaul, expect to pay a lot to do it right.

If I were doing this, for a company of 20 people, i would expect to spend at least a week in place interviewing everybody to get a feel for what needs are before I even started to create a plan.

Seriously, send me your info, and all the info, I'll write up a proposal and price it out

I swear I've heard this before...
    oh yeah, phone lines... I think it went something like this:
Exec 1: We already have lines run, why should we bother with a second set of lines for control signals say from pay phones?
Exec 2: I can't see of a reason, let's do it
Exec 1: we all get bonus for saving ourselves $BIGNUM bucks.
Exec 2: Sweet! ... Time Passes...
Captain Crunch: *2600Hz whistle* now can I get free long distance calls?
Execs 1..N: FUUUUUUUUUUUUUUUUU.....

hence the development of SS7.

Now if we can get this, which network is going to be "phoning home" to report electrical usage? even if the traffic is sufficiently encypted, and authenticated, what happens when someone decides to start DOSing their electrical meter? that and, eventually, and i stress eventually, any encryption can be defeated. it's only a matter of time before someone figures out how to fake electrical readings from the new smart meters, or better yet, hacks and publishes the hack, for certain brands of meters.

Jellyfish over a roomba... why does that sound like the plot to a very "bad" B-rate movie?

IFF (If and Only If) You are running exchange 2007 or later, If you're using Exchange 2003, it sucks...

See, I use LaTeX and BibTex for this. that way I don't need to worry about anything, I put all the information into the Bib file, make the appropriate citations, and it takes care of the rest... as an added bonus, with BibTeX on my mac, I can import the whole document into the DB, and never worry about "where did I file that" again.

I have taken physics, and f=ma^2 doesn't rung any bells

f=Ma does (force is the product of Mass and acceleration)
As does
p=Mv (momentum is the product of Mass and velocity)

Notice, neither of those has a square in it.

This is where virtual machines shine! you have your "standard" image production machine, and then the virtual "development" machine. Devs have local admin rights over the virtual machine, and snapshot functionality makes reverting a snap (no pun intended) if anything goes wrong.

But what about pointed sticks?

What about home page(s)... when I start up FF (without a saved session) at work, I have 4 tabs open automagically, 3 of which are work-related, the 4th is Pandora, just so I have some tunes going.

Lets read carefully...

What it doesn't say is that you need a warrant to search something. It says that you have a right not to be searched, or have things seized, unreasonably. As a matter of course this means that most searches require a warrant, so that the judicial branch can "certify" that the search/seizure is not unreasonable. However, in any given situation, an impromptu search may be reasonable. Say for example you get pulled over for erratic driving, and the officer smells pot, searching your vehicle for drugs would probably be considered completely reasonable.

That being said, philosophically I agree with you. I would like to see more protections, not fewer. I think the main problem that we are seeing is the accepted definition of "reasonable" is shifting.

By your reading of the 4th amendment, for any arrest, a police officer would need to have an arrest warrant (naming the person to be seized) This isn't the case. If an officer witnesses you performing something illegal, it is completely legal (and reasonable) for them to arrest you on the spot.

As always IANAL, but the fallacy that all searches (and seizures) require a warrant gets on my nerves, that and I don't believe in violence either.

I have to...

Quiet there 1138903, now get back in line

I also work at a university, and we are in the process of removing everybody's admin rights. I went to senior staff (who then went along with my plan) with the following arguments:
1) Security; Viruses have a much harder time infecting computers if the user is running without local admin rights.
2) Liability; Does your college have licenses for Mathematic, ArcGIS, SPSS, etc? or are your professors using their own license? if it's their own, are they using it correctly? (i.e. only installed on one computer per license) and more importantly, can you prove it if you were audited.
3) "CrapWare"; we had people installing stuff (think free games) that was eating up massive support time, because it came with ad-ware/spy-ware/what-have-you-not-ware and we were expected to support it.
4) forcing loadouts. We use sophos (and have been happy with it), but we had a small number of people that had uninstalled our enterprise version of Sophos, and had installed their own internet security suite. This cause all sorts of problems when it's firewall started blocking certain AD traffic, and other tools that we have on all machines.

That being said there are some software packages that *need* admin rights. MS Great Plains is one, so our financial people have to have admin rights on their computers. I've also discovered that the Kodak Easy Share software really wants admin rights, right now I'm trying to find a way around that.

the flip side is that we had to effectively guarantee 24-hour turn around on all software install requests (within reason) so far I've been happy with the results.

As for the specialized software, try to get campus licenses (perhaps concurrent licensing for some of the more esoteric packages) and either install it everywhere, or (depending on your setup) have it fall under advertised software, so that if they need it, it can be installed automatically for them without the need for admin rights.

I can remove it in about 10 minutes... boot from CD, format C:\ look, it's gone... so is everything else, but that way I know I didn't miss anything.

Seriously though... for many of these FakeAV style viruses (incidently Sophos is adding between 12, and 30 FakeAV style detections a day) it's faster to nuke&reload then it is to worry about cleaning.

step 1) Save user data to flash drive
Step 2) nuke & reload
step 3) (concurant with Step 2) scan flash drive on *nix box to check for any infected files hidden in user data-space
step 4) replace data
step 5) educate user

for machines I have an image for the process takes about an hour, for machines I don't I can get a full enterprise loadout (with all approved microsoft updates) done in about 6 hours. Typically I don't use the same drive though. I have a slew of replacement - blank drives, I then hold on the the infected drive for 2 months before running DBAN, just in case I missed some data files.

I'm honestly partial to the HL-5370DW - has the duplexer, a straight through Paper Path option, and is more rugged than the 21xx series (also prints flawlessly from windows, linux and OSX)

That's fine with me, I just gave my 3-year old my 24-volt Dewalt drill with a full set of Torque, and "robby" bits.