Tech workers - what did your IT Security team do that made your life hell and had no practical benefit?
One chestnut from my history in lottery game development:
While our security staff was incredibly tight and did a generally good job, oftentimes levels of paranoia were off the charts.
Once they went around hot gluing shut all of the "unnecessary" USB ports in our PCs under the premise of mitigating data theft via thumb drive, while ignoring that we were all Internet-connected and VPNs are a thing, also that every machine had a RW optical drive.
You are viewing a single comment
I'm sure there are more elegant ways they could have disabled the USB ports, but this might have been partially to avoid users being able to accidentally compromise their device by sticking a thumb drive they found in the parking lot in to see what was on it. For exfiltration and VPN usage over the network there are other controls they can/likely had put in place that you may just not have known about
They were just paranoid dopes.
I would hear them talking about IT security the way 10 year old boys talk about defending their fort from zombies.
So… what was the zombie situation tho? Were they at least on top of that?
Well if we're following the metaphor, yes they were completely on top of preventing imaginary threats that wouldn't realistically ever materialize lol