if an end user can serve as an entry point to the entire domain for ransomware, the end user hasn't failed, IT has.
Upper management:
"GIVE ADMIN PRIVELEGES TO ALL ACCOUNTS TO STREAMLINE THINGS. I DON'T CARE IF ITS INSECURE DO IT!"
[Fired for noncompliance]
Sad truth of IT. Being ordered around by tech illiterate bosses who refuse to listen. And they often don't even seem to value their employees, thinking they're easily replaced (they aren't)
But sire, our employees will be in potential
violation of SOC 2 compliance should we be auditβ- βJUST DO IT!β
if an end user can serve as an entry point to the entire domain for ransomware, the end user hasn't failed, IT has.
Upper management: "GIVE ADMIN PRIVELEGES TO ALL ACCOUNTS TO STREAMLINE THINGS. I DON'T CARE IF ITS INSECURE DO IT!"
[Fired for noncompliance]
Sad truth of IT. Being ordered around by tech illiterate bosses who refuse to listen. And they often don't even seem to value their employees, thinking they're easily replaced (they aren't)
But sire, our employees will be in potential violation of SOC 2 compliance should we be auditβ- βJUST DO IT!β