leptons 21 hours ago

Yeah, I requested to have a Linux desktop from my employer and was flatly told "NO". None of our many security applications supports it, which is a real shame. As we use Windows and macOS, I can't see how we'll really be more secure on those platforms, even with the security theater applications they force us to use.

bitwize 19 hours ago

The standard approach is to use intrusive spyware to monitor all activity "for security" rather than to use systems designed to be resistant to attack. I call it the "fucking for virginity" approach to infosec. The reason is that it's assumed that all attack-resistant systems break down somehow, under some circumstances, but the audit trail to determine who committed the attack and how is non-negotiable, especially in regulatory and compliance settings. So institutional infosec tools are more interested in gathering the audit trail if/when an attack happens than in preventing the attack (in a "while we value the things in column A, the things in column B take priority" kind of way). And since they're almost always proprietary and considered beyond reproach by the corporate infosec division, well... occasionally something like the Clownstrike incident of 2024 does happen. But even that's not as bad as having had a breach without a sufficient audit trail to defend against liability or claims of noncompliance with regulations or industry standards (e.g., HITRUST in the health field).