One chestnut from my history in lottery game development:

While our security staff was incredibly tight and did a generally good job, oftentimes levels of paranoia were off the charts.

Once they went around hot gluing shut all of the “unnecessary” USB ports in our PCs under the premise of mitigating data theft via thumb drive, while ignoring that we were all Internet-connected and VPNs are a thing, also that every machine had a RW optical drive.

  • jj4211@lemmy.world
    14·
    1 year ago

    They do. In fact they mandate IT assets to have three competing patch management software on them. They mandate disabling any auto updates because they have to vet them first. My official laptop hasn’t been pushed an update in 8 months.

      • jj4211@lemmy.world
        10·
        1 year ago

        Ironically, we actually have a Segment of our business that provides IT for other companies, and they do a decent job, but they aren’t allowed to manage our own IT. Best guess is that they are too expensive to waste on our own IT needs. If an IT staffember accidentally shows competence, they are probably moved to the billable group.