You’re free to fantasize about the little guy as the only one getting disciplined in these scenarios
I never, not once, implied that. And frankly speaking I have no idea why you would think that. I said that a user, circumventing a company policy, would be in a tight spot, and depending on the policy most likely fired, regardless of the actual effectiveness of these policies implementation.
At no point have I said that nobody else would be in hot water for failing to do their job, nor did I say that the IT teams is above all and always perfect. But, for the user that did go around the aforementioned policy, the fate of someone else on another team is pretty much irrelevant after they’re put down themselves.
Thanks for the exchange, it seems you misunderstood my intentions in commenting/responding.
I will stand by my points: corporate policy and course of action isn’t always by the book — it can be unevenly enforced (depending on the circumstance, environment, and context).
As for me? I’ll never work for Nazis or in environments ruled by people roleplaying as Nazis. It’s demeaning.
The cool thing is that you can have better security without such an atmosphere — and I described it: it starts with locked-down systems and networks, IT actually being approachable human beings that communicate (who also understand business needs and requirements), policies that only punish and target bad actors (because it is effectively impossible for good faith actors to violate them), and accessible procedures for employees to escalate their needs to IT.
Anyway, have a good one. I apologize for being slightly rude with my phrasing, but I truly am aware of how draconian some environments are (especially depending on the context) and it was rude of you to confidently assert that I had no idea.
No problem. It was mostly hypothetical worst case scenario anyway. It would be nice if understanding, workplace improvements, and overall security where the targets everywhere, but unfortunately that’s not always the case. It’s also easy to lose the point in an online discussion, sorry about that.
I never, not once, implied that. And frankly speaking I have no idea why you would think that. I said that a user, circumventing a company policy, would be in a tight spot, and depending on the policy most likely fired, regardless of the actual effectiveness of these policies implementation.
At no point have I said that nobody else would be in hot water for failing to do their job, nor did I say that the IT teams is above all and always perfect. But, for the user that did go around the aforementioned policy, the fate of someone else on another team is pretty much irrelevant after they’re put down themselves.
Thanks for the exchange, it seems you misunderstood my intentions in commenting/responding.
I will stand by my points: corporate policy and course of action isn’t always by the book — it can be unevenly enforced (depending on the circumstance, environment, and context).
As for me? I’ll never work for Nazis or in environments ruled by people roleplaying as Nazis. It’s demeaning.
The cool thing is that you can have better security without such an atmosphere — and I described it: it starts with locked-down systems and networks, IT actually being approachable human beings that communicate (who also understand business needs and requirements), policies that only punish and target bad actors (because it is effectively impossible for good faith actors to violate them), and accessible procedures for employees to escalate their needs to IT.
Anyway, have a good one. I apologize for being slightly rude with my phrasing, but I truly am aware of how draconian some environments are (especially depending on the context) and it was rude of you to confidently assert that I had no idea.
No problem. It was mostly hypothetical worst case scenario anyway. It would be nice if understanding, workplace improvements, and overall security where the targets everywhere, but unfortunately that’s not always the case. It’s also easy to lose the point in an online discussion, sorry about that.