Thanks for the exchange, it seems you misunderstood my intentions in commenting/responding.
I will stand by my points: corporate policy and course of action isn’t always by the book — it can be unevenly enforced (depending on the circumstance, environment, and context).
As for me? I’ll never work for Nazis or in environments ruled by people roleplaying as Nazis. It’s demeaning.
The cool thing is that you can have better security without such an atmosphere — and I described it: it starts with locked-down systems and networks, IT actually being approachable human beings that communicate (who also understand business needs and requirements), policies that only punish and target bad actors (because it is effectively impossible for good faith actors to violate them), and accessible procedures for employees to escalate their needs to IT.
Anyway, have a good one. I apologize for being slightly rude with my phrasing, but I truly am aware of how draconian some environments are (especially depending on the context) and it was rude of you to confidently assert that I had no idea.
No problem. It was mostly hypothetical worst case scenario anyway. It would be nice if understanding, workplace improvements, and overall security where the targets everywhere, but unfortunately that’s not always the case. It’s also easy to lose the point in an online discussion, sorry about that.
Thanks for the exchange, it seems you misunderstood my intentions in commenting/responding.
I will stand by my points: corporate policy and course of action isn’t always by the book — it can be unevenly enforced (depending on the circumstance, environment, and context).
As for me? I’ll never work for Nazis or in environments ruled by people roleplaying as Nazis. It’s demeaning.
The cool thing is that you can have better security without such an atmosphere — and I described it: it starts with locked-down systems and networks, IT actually being approachable human beings that communicate (who also understand business needs and requirements), policies that only punish and target bad actors (because it is effectively impossible for good faith actors to violate them), and accessible procedures for employees to escalate their needs to IT.
Anyway, have a good one. I apologize for being slightly rude with my phrasing, but I truly am aware of how draconian some environments are (especially depending on the context) and it was rude of you to confidently assert that I had no idea.
No problem. It was mostly hypothetical worst case scenario anyway. It would be nice if understanding, workplace improvements, and overall security where the targets everywhere, but unfortunately that’s not always the case. It’s also easy to lose the point in an online discussion, sorry about that.