How Tight Is Your IT Security?

Our company has had an overhaul of its IT security and implemented a lot of new changes. I'm not across the details of it, but some of the measures seem overkill - for example:

  • Connecting to Bluetooth devices has been disabled, so I can't use my wireless mouse anymore,
  • I can't delete icons from the desktop (e.g., Chrome, Logitech receiver software) and if I want to, I have to call IT helpdesk, and
  • Installing programs/exe's requires additional permissions which take anywhere between 3-5 days to be granted to your machine, and you only have said permissions for 3 days.

Anyone else think this is overkill or completely justified?

How tight or relaxed is your company with its IT security?

Poll Options

  • 3
    Non-existent
  • 25
    Doesn't hinder my ability to work
  • 16
    Overkill

Comments

  • +4

    Anyone else think this is overkill or completely justified?

    How tight or relaxed is your company with its IT security?

    You've asked two different questions that are answerable by the same poll..

    It depends on what your company does, if you work with sensitive data/projects (especially 3rd parties) then it's imperative to have thorough security measures.

    IMO Your work shouldn't be giving you install permissions for 3 days, that's actually a security risk, rather they should be installing the specific application required and not giving you permissions to install things.

    It also shouldn't be hindering your productivity significantly, using a password manager (LassPass, 1Password) is an example where it may be annoying to begin using, however very necessary in the long run. Not having Bluetooth, probably overkill.

    My workplace is doing an overhaul in the pursuit of some ISO certification, there is a line that needs to be balanced.

    • If I need to install something like Python, or Git, I need to wait 3-5 days for permissions, so there's upfront delays, but once they're installed, yeah, there's no issue.

  • +1

    That dumb, proper managed environment should be seamless.

  • +1

    Seems overkill depending on what they want to protect you against. Denying users local administrator rights is usually enough if paired with the correct security software. Like Sophos Intercept X for example which is one of the best off the shelf products that protects against ransomware and more.

  • +2

    Anyone else think this is overkill or completely justified?

    Depends on your line of work

    How tight or relaxed is your company with its IT security?

    I'ev worked at many places, some are crazy tight (tighter than you), some like my current one is totally relaxed, but on the flip side, any issue with the PC is a 'reimage'.

  • +1

    I get used to it, just get a mobile phone with a good data plan. Overkill? argue that with the IT security team.

    Connecting to Bluetooth devices has been disabled, so I can't use my wireless mouse anymore

    Get a non-bluetooth wireless mouse. Logitech MX Master will work.

  • +7

    How Tight Is Your

    Edit: nevermind. Misread title.

  • +1

    Installing programs/exe's requires additional permissions which take anywhere between 3-5 days to be granted to your machine, and you only have said permissions for 3 days.

    If anything I would still say that's too lax. End user's typically shouldn't be granted elevated rights. Applications should be packaged and pushed from a server when requested, and in the event it's not packaged, installed remotely by an admin.

    I'm honestly surprised there's still companies out there that let people install their own programs. That's how your business ends up being the wild west.

    I can't delete icons from the desktop (e.g., Chrome, Logitech receiver software) and if I want to, I have to call IT helpdesk

    This probably ties to the first. A lot of apps put icons in the public desktop visible to all users, and not your personal desktop, so you wouldn't have rights to it.

  • What is your line of work? I assume you are complaining because you like to install all sorts of random programs, maybe some pirated one? Is there a person who has admin rights?

  • You only realise that your IT Security isn't tight enough when there is a breach!

    It only takes a single malicious or unaware person to have a system compromised.

  • I've seen worse, no phones or laptops allowed as well.

    But have to agree, if you are able to; just bring your own device and do your work on there if you think it is a bureaucratic issue and no sensitive data will be leaked.

    You need to make your own judgment on these things and well suck it up if it all blows up. Having personal liability insurance helps too.

    Anyway, for reasonable requests like you have mentioned; it should take minutes to hours for something to be approved, not days. It seems like your IT team is non-existent.

Login or Join to leave a comment