Remix clone Hacker News

new | show | ask | jobs Github

▲

betaby a day ago

It's a standard practice. And at $CURENT_JOB it's driven by semi-literate security folks, definitely not insurance.

▲

pjmlp a day ago | parent [-]

Insurance and liability concerns drive the security folks.

Just wait when more countries keep adopting cybersecurity laws for companies liabilities when software doesn't behave, like in any other engineering industry.

▲

stefan_ 19 hours ago | parent [-]

Hello, the security folks in those companies made those up. "cyber insurance" is hogwash. That entire branch has been taken over by useless middle manager types who know to type up checklists in Word but have no understanding of anything.

	▲	pjmlp 12 hours ago \| parent \| next [-]
		As someone that happens to also be one of those clueless people when assuming DevOps roles in consulting projects, it is a very bad day when some clever user is responsible for a security breach. A breach can turn out into enough money being lost, in credibility, canceled orders, or lawsuits, big enough to close shop, or having to fire those that thought security rules were dumb. Also anyone with security officer title, in many countries has legal responsibilities when something goes wrong, so when they sign off software deliverables that go wrong, is their signature on the approval.
	▲	blangk 18 hours ago \| parent \| prev [-]
		Are you arguing non technical people should have root access to company owned and managed PCs? Because I can tell you from experience, that will result in a very bad time at some point. Even if it is just for the single end user and not the wider org.