this post was submitted on 16 Aug 2023
940 points (97.2% liked)
Memes
45662 readers
955 users here now
Rules:
- Be civil and nice.
- Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Oh, wait until you get a job in most offices. Microsoft, Microsoft everywhere.
BYOD with Linux? "We can't install the company's spyware on it, get that security risk out of here."
I mean they're not wrong, BYOD is an absolutely ginormous attack vector.
If an organisations' security relies on the end device configuration there is no security.
Who needs defense in depth, right?
You can bring your own devices, but you don't get permission to access anything?
Or what are you even trying to say about what the end users device being able to do anything
I don't think I said anything about what a device can and cannot do
For the user or the company? Assuming the user isn't a moron with computers?
Edit: guess im out of the loop as a contractor who generally only does BYOD with my linux machine
Lol
For the company, and no one should ever assume for a moment that everyone has their guard up at all times and is infallible.
As far as I've heard you actually assume quite the opposite.
If a user doesn't understand that having complete control over every device in your network is essential, he's being a complete moron with computers.
You should do your work, not worrying about patching all the 128 tools you think you need, that's other peoples job.
When you're supporting ten thousand machines on four continents and confirming to twenty different data protection doctrines the last thing you need is some neckbeard rocking up demanding to store data in their unauditable homebrew fork of Haiku or some shit.
What is achieved with GPOs and agents is compliance, not security.
In other words, company issued devices don't protect the data, but they ensure conformity with relevant regulations and standards. Which is what most organisations actually care about.
Many good IT people really do care about actual information security, but not those in charge.
The result are devices that hinder some people's work but provide questionable actual security.
Look! A Linux user! SCATTER, BEFORE HE CATCHES YOU!!
What if their OS choices aren't insane?
Listen I work in IT and everyone is getting templeOS and they can like it. If gods own operating system isn't good enough for you then you can clear off.
People who make a living by configuring Microsoft products for company use won't want to change.
Im all for privacy and obviously working where you want to but like really? Your unwilling to take a position if the desktop/laptop you use only for work doesn't have an OS that's acceptable? Regardless of pay/perks/etc you wouldn't take a position where everything is perfect except you have to use their specified OS? This is genuine curiosity hopefully this doesn't come accross as me trying to say I doubt you or your not entitled to your opinions but I just don't get it, curious to understand why. What industry do you work in? It makes sense if a certain OS could make your job harder but I would be more worried about being able to use software that I want rather than OS at least at my current position.
Not parent commenter, but yes, an inappropriate OS makes the job a lot harder for software developers. Also, there is rarely a need to store data on the end user device, this is mostly done out of convenience and lack of knowledge on how to do things properly