At large organizations you’re generally not allowed to download much of anything without it passing through IT security and management first. If it’s a no, it will probably stay a no.
In your experience, what large organization restricts this? I’ve worked at a few SaaS companies and a FAANG that always gave us full install rights and browser choice. Granted we are on the software side, but I haven’t experienced this at all.
This matters more for some industries than others. But this attitude lets a malicious employee install basically whatever they want in service of “the job” and you won’t even know you’re being breached until after it’s all over.
Well, we still have to get approval. But it just seems like they don’t mind as much. For example, I don’t know how many companies out there would be fine with installations of AutoHotkey and LibreOffice.
At large organizations you’re generally not allowed to download much of anything without it passing through IT security and management first. If it’s a no, it will probably stay a no.
In your experience, what large organization restricts this? I’ve worked at a few SaaS companies and a FAANG that always gave us full install rights and browser choice. Granted we are on the software side, but I haven’t experienced this at all.
I work for a non-profit and they are way more lenient about what we would like to install as long as the job gets done.
Then you have bad opsec and security holes.
This matters more for some industries than others. But this attitude lets a malicious employee install basically whatever they want in service of “the job” and you won’t even know you’re being breached until after it’s all over.
Well, we still have to get approval. But it just seems like they don’t mind as much. For example, I don’t know how many companies out there would be fine with installations of AutoHotkey and LibreOffice.