One chestnut from my history in lottery game development:

While our security staff was incredibly tight and did a generally good job, oftentimes levels of paranoia were off the charts.

Once they went around hot gluing shut all of the “unnecessary” USB ports in our PCs under the premise of mitigating data theft via thumb drive, while ignoring that we were all Internet-connected and VPNs are a thing, also that every machine had a RW optical drive.

  • Herrmens@lemmy.world
    link
    fedilink
    arrow-up
    130
    arrow-down
    7
    ·
    1 year ago

    Took away Admin rights, so everytime you wanted to install something or do something in general that requires higher privileges, we had to file a ticket in the helpdesk to get 10 minutes of Admin rights.

    The review of your request took sometimes up 3 days. Fun times for a software developer.

    • ShunkW@lemmy.world
      link
      fedilink
      arrow-up
      54
      ·
      1 year ago

      We worked around this at my old job by getting VirtualBox installed on our PCs and just running CentOS or Ubuntu VMs to develop in. Developing on windows sucks unless you’re doing .NET imo.

    • Krudler@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      42
      ·
      1 year ago

      Oh shit, you just reminded me of the time that I had to PHONE Macromedia to manually activate software because of the firewalling. This was after waiting days to get administrative permission to install it in the first place.

      “Thank you” for helping resurface those horrible memories!

      I don’t miss those days.

    • Shambling Shapes@lemmy.one
      link
      fedilink
      English
      arrow-up
      31
      ·
      1 year ago

      3 days? That’s downright speedy!

      I submitted a ticket that fell into a black hole. I have long since found an alternate solution, but am now keeping the ticket open for the sick fascination of seeing how long it takes to get a response. 47 days and counting…

        • Natanael@slrpnk.net
          link
          fedilink
          arrow-up
          10
          ·
          1 year ago

          Any ticketing system set up like that is just begging for abuse. If they don’t have queue managers then the team should share the hit if they just leave the ticket untouched

    • PoolloverNathan@programming.dev
      link
      fedilink
      English
      arrow-up
      8
      ·
      edit-2
      1 year ago

      During those 10 minutes of admin rights:

      net user secretlocaladmin * /add
      net localgroup administrators secretlocaladmin /add
      
        • XEAL@lemm.ee
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          1 year ago

          No, it was quite extensive (20-30?) and we (I) kept expanding it. I even added icons for each app so it looked nice.

          All published software was approved by Cybersecurity. We allowed people to request apps and evaluated each case.