You are viewing a single thread.
View all comments 
58 points
- Installs antivirus on servers that wrecks application performance
- installs content filtering proxy that prevents developers from reading “hacking materials” like OWASP documentation
- won’t let developers install anything on their own machines without filing a ticket and waiting 6 weeks
- pushes unannounced antivirus updates that pop up OS security dialogs like “Netscan Antivirus would like to monitor all network traffic. Enter your password to approve”, and is surprised when users don’t enter their passwords.
Your corporate IT guy
10 points
9 points
1 point
They usually don’t have a choice. They know this stuff is bad, but they need it to demonstrate compliance with XYZ framework so they can fill out the marketing copy so sales can land a contract with some big customer that wants to know why $competitor has better security than you.
