• Grandwolf319@sh.itjust.works
    link
    fedilink
    arrow-up
    81
    arrow-down
    2
    ·
    edit-2
    2 months ago

    In my experience it’s been IT people telling me you can’t use a certain tool or have more control over your computer cause of their rules.

    The expression is appropriate but the meme assumes that im doubting the IT person’s expertise. I’m not, I’m just not liking the rules that get in the way of my work. Some rules do make sense though.

    Edit: just wanted to point out, yes I agree, you need the rules, they are still annoying tho.

    • BilliamBoberts@lemmy.world
      link
      fedilink
      arrow-up
      10
      ·
      2 months ago

      As an IT guy, I’d love to give software devs full admin rights to their computer to troubleshoot and install anything as they see fit, it would save me a lot of time out of my day. But I can’t trust everyone in the organization not to click suspicious links or open obvious phishing emails that invite ransomware into the organization that can sink a company overnight.

      • Grandwolf319@sh.itjust.works
        link
        fedilink
        arrow-up
        7
        ·
        2 months ago

        Fair points but as someone who works in cybersecurity. Phishing emails can happen without admin access. I haven’t heard of any randsomware that is triggered by just clicking on a link.

        I think there should be some restrictions but highly technical people should slowly be given more and more control as they gain more trust/experience.

        • lud@lemm.ee
          link
          fedilink
          arrow-up
          4
          ·
          2 months ago

          Of course but the impact could be much worse if the victim is admin on their computer.

          • BilliamBoberts@lemmy.world
            link
            fedilink
            arrow-up
            4
            ·
            2 months ago

            Exactly this. we try to prevent cyberattacks as much as we can, but at a certain point, they’re impossible to perfectly defend against without also totally locking down our users and making it impossible for them to do their jobs. so then the game becomes one of containing the amount of damage an attack can do.

            Security is restriction. our job is to balance our users’ ability to perform their jobs with acceptable levels of risk.

        • Omniraptor@lemm.ee
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          2 months ago

          Not a security guy but I heard there’s a whole term for it, “one-click attacks”

    • BeigeAgenda@lemmy.ca
      link
      fedilink
      arrow-up
      9
      ·
      2 months ago

      And the more corporate the organisation the more rules, at least the places I have worked trusts developers enough to give local admin, that takes the edge off many tasks.

    • 4am@lemm.ee
      link
      fedilink
      arrow-up
      3
      ·
      2 months ago

      I think the meme is more about perspectives and listening to the way someone thinks about operating IT is very different from the way someone things about architecting IT