Tech workers - what did your IT Security team do that made your life hell and had no practical benefit?

tractus, 1 year ago

I’m sure there are more elegant ways they could have disabled the USB ports, but this might have been partially to avoid users being able to accidentally compromise their device by sticking a thumb drive they found in the parking lot in to see what was on it. For exfiltration and VPN usage over the network there are other controls they can/likely had put in place that you may just not have known about

AtariDump, 1 year ago

Users would just unplug the keyboard and plug in the USB stick.

Krudler, 1 year ago

They were just paranoid dopes.

I would hear them talking about IT security the way 10 year old boys talk about defending their fort from zombies.

totallynotarobot, 1 year ago

So… what was the zombie situation tho? Were they at least on top of that?

Krudler, 1 year ago

Well if we’re following the metaphor, yes they were completely on top of preventing imaginary threats that wouldn’t realistically ever materialize lol

perviouslyiner, 1 year ago

Admin access needed to change the clock, which was wrong. Missed a train because of that.

tsz, 1 year ago

Mine refuses to use ipmi. Also all switches use the same password.

thisbenzingring, 1 year ago

I was a network administrator at a site, which just made me a glorified system admin with responsibility for the network and switches.

Everyone in the IT Dept had the password for the switches. After one person gave a 3rd party vendor the password, I had to change the passwords and exclude him from having it… but then everyone else got the password.

That place was nuts, between that and a few other stupid boss actions, I just moved on. Found a much better job and it was for the best.

SHITPOSTING_ACCOUNT, 1 year ago

Endless approval processes are a good one. They don’t even have to be nonsensical. Just unnecessarily manual, tedious, applied to the simplest changes, with long wait times and multiple steps. Add time zone differences and pile up many different ones, and life becomes hell.

RozhkiNozhki, 1 year ago

It took them three weeks to have my super secure voicemail PIN reset, only for me to set it to whatever I wanted.

al177, 1 year ago

Oh man. Huge company I used to work for had:

• two separate Okta instances. It was a coin toss as to which one you’d need for any given service
• oh, and a third internally developed federated login service for other stuff
• 90 day expiry for all of the above passwords
• two different corporate IM systems, again coin toss depending on what team you’re working with
• nannyware everywhere. Open Performance Monitor and watch network activity spike anytime you move your mouse or hit a key
• an internally developed secure document system used by an international division that we were instructed to never ever use. We were told by IT that it “does something to the PC at a hardware level if you install the reader and open a document” which would cause a PC to be banned from the network until we get it replaced. Sounds hyperbolic, but plausible given the rest of the mess.
• required a mobile authenticator app for some of the above services, yet the company expected that us grunts use our personal devices for this purpose.
• all of the above and more, yet we were encouraged to use any cloud hosted password manager of our choosing.

Hogger85b, 1 year ago

I'll.go one further with authenticator. Mobile phones were banned in the data center and other certain locations (financial services). Had to set up landline phone....but to do that needed to request it...approve it on my phone then enter data center security door run and answer the phone line with 60s like something in the matrix.