The 'Baddies' have won...
-
Two and a half weeks ago, I was asked to upgrade one of our core software packages to the latest version. I contacted our supplier and they said, (because of security), they would need to white-list us to allow access to their download website. It took just over a week for that to happen. As soon as it was done, I pointed my browser at their download website and got "Website blocked". Yep! Our security was not letting me out - because, (they claimed), it was a non-business related site. So I then had to request our security to white-list our supplier's site. That, again, took over a week. This morning, I finally got access and logged into the download site. I clicked on the .zip file to download it - and... ... Nope! I'm not allowed to download that type of file. Back to security! Yes, I understand that we can't just leave the doors open - because there are bad people out there. But bricking them up and needing to get the builders in to let you in and out seems a 'little' impractical. Seriously doing my head in! :wtf: :mad: :wtf: :mad:
-
Two and a half weeks ago, I was asked to upgrade one of our core software packages to the latest version. I contacted our supplier and they said, (because of security), they would need to white-list us to allow access to their download website. It took just over a week for that to happen. As soon as it was done, I pointed my browser at their download website and got "Website blocked". Yep! Our security was not letting me out - because, (they claimed), it was a non-business related site. So I then had to request our security to white-list our supplier's site. That, again, took over a week. This morning, I finally got access and logged into the download site. I clicked on the .zip file to download it - and... ... Nope! I'm not allowed to download that type of file. Back to security! Yes, I understand that we can't just leave the doors open - because there are bad people out there. But bricking them up and needing to get the builders in to let you in and out seems a 'little' impractical. Seriously doing my head in! :wtf: :mad: :wtf: :mad:
go home. Download it. Then upload with a different extension or put on USB drive. Be sure and change the extension. Until you copy it to your computer at work then copy it back. old employer had this same issues. took at least a week to work around. each issue. Wound up many times going home downloading then changing the extension then bringing into work. WHICH IS MORE OF A SECURITY HOLE! but it worked.
To err is human to really elephant it up you need a computer
-
go home. Download it. Then upload with a different extension or put on USB drive. Be sure and change the extension. Until you copy it to your computer at work then copy it back. old employer had this same issues. took at least a week to work around. each issue. Wound up many times going home downloading then changing the extension then bringing into work. WHICH IS MORE OF A SECURITY HOLE! but it worked.
To err is human to really elephant it up you need a computer
-
Two and a half weeks ago, I was asked to upgrade one of our core software packages to the latest version. I contacted our supplier and they said, (because of security), they would need to white-list us to allow access to their download website. It took just over a week for that to happen. As soon as it was done, I pointed my browser at their download website and got "Website blocked". Yep! Our security was not letting me out - because, (they claimed), it was a non-business related site. So I then had to request our security to white-list our supplier's site. That, again, took over a week. This morning, I finally got access and logged into the download site. I clicked on the .zip file to download it - and... ... Nope! I'm not allowed to download that type of file. Back to security! Yes, I understand that we can't just leave the doors open - because there are bad people out there. But bricking them up and needing to get the builders in to let you in and out seems a 'little' impractical. Seriously doing my head in! :wtf: :mad: :wtf: :mad:
Obligatory Dilbert: [Dilbert Comic Strip on 2007-11-16 | Dilbert by Scott Adams](https://dilbert.com/strip/2007-11-16)
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows. -- 6079 Smith W.
-
Rage wrote:
blame the people who created your security concept
Yes! I absolutely do. If they want to lock everything down - fine. But they have to be able to deal with exceptions quickly and easily. Not put this through a 'Change Control' process that needs the approval of 5 or 6 people - and then go to a weekly Change Board Meeting, for the consideration of a dozen people who know sod all about it. The Baddies have won, because security have reached a level of paranoia that has created paralysis by process.
Change control boards have nothing to do with security and everything to do with the non-technical Six Sigma crowd moving into the cybersecurity field. Those people are, of course, the actual baddies.
"Never attribute to malice that which can be explained by stupidity." - Hanlon's Razor
-
Two and a half weeks ago, I was asked to upgrade one of our core software packages to the latest version. I contacted our supplier and they said, (because of security), they would need to white-list us to allow access to their download website. It took just over a week for that to happen. As soon as it was done, I pointed my browser at their download website and got "Website blocked". Yep! Our security was not letting me out - because, (they claimed), it was a non-business related site. So I then had to request our security to white-list our supplier's site. That, again, took over a week. This morning, I finally got access and logged into the download site. I clicked on the .zip file to download it - and... ... Nope! I'm not allowed to download that type of file. Back to security! Yes, I understand that we can't just leave the doors open - because there are bad people out there. But bricking them up and needing to get the builders in to let you in and out seems a 'little' impractical. Seriously doing my head in! :wtf: :mad: :wtf: :mad:
And you wonder why people go home and download it a USB drive. I've had this issue with my customer's IT department. Sure, the firewall blocks all of the porn and what have you, but there are many commercial sites that get blocked. I used to just say elephant it and go home to get the files I need, but I discovered VPN :) Completely circumvents their firewall. Ponder that. Don't worry, I'm the good guy, but it does make me wonder.
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
-
Two and a half weeks ago, I was asked to upgrade one of our core software packages to the latest version. I contacted our supplier and they said, (because of security), they would need to white-list us to allow access to their download website. It took just over a week for that to happen. As soon as it was done, I pointed my browser at their download website and got "Website blocked". Yep! Our security was not letting me out - because, (they claimed), it was a non-business related site. So I then had to request our security to white-list our supplier's site. That, again, took over a week. This morning, I finally got access and logged into the download site. I clicked on the .zip file to download it - and... ... Nope! I'm not allowed to download that type of file. Back to security! Yes, I understand that we can't just leave the doors open - because there are bad people out there. But bricking them up and needing to get the builders in to let you in and out seems a 'little' impractical. Seriously doing my head in! :wtf: :mad: :wtf: :mad:
No different than letting a stranger into your house (the zip file). At least your company knows who opened the door (and can close it again).
It was only in wine that he laid down no limit for himself, but he did not allow himself to be confused by it. ― Confucian Analects: Rules of Confucius about his food
-
Two and a half weeks ago, I was asked to upgrade one of our core software packages to the latest version. I contacted our supplier and they said, (because of security), they would need to white-list us to allow access to their download website. It took just over a week for that to happen. As soon as it was done, I pointed my browser at their download website and got "Website blocked". Yep! Our security was not letting me out - because, (they claimed), it was a non-business related site. So I then had to request our security to white-list our supplier's site. That, again, took over a week. This morning, I finally got access and logged into the download site. I clicked on the .zip file to download it - and... ... Nope! I'm not allowed to download that type of file. Back to security! Yes, I understand that we can't just leave the doors open - because there are bad people out there. But bricking them up and needing to get the builders in to let you in and out seems a 'little' impractical. Seriously doing my head in! :wtf: :mad: :wtf: :mad:
5teveH wrote:
Two and a half weeks
Bloody hell your people move like lightening, I went through the same process and it took 2 MONTHS before I was able to get the data and that was only after a senior manager wanted to drag my ass over the carpet because a project was months behind schedule. Even he had trouble getting the permissions through security.
Never underestimate the power of human stupidity - RAH I'm old. I know stuff - JSOP
-
Two and a half weeks ago, I was asked to upgrade one of our core software packages to the latest version. I contacted our supplier and they said, (because of security), they would need to white-list us to allow access to their download website. It took just over a week for that to happen. As soon as it was done, I pointed my browser at their download website and got "Website blocked". Yep! Our security was not letting me out - because, (they claimed), it was a non-business related site. So I then had to request our security to white-list our supplier's site. That, again, took over a week. This morning, I finally got access and logged into the download site. I clicked on the .zip file to download it - and... ... Nope! I'm not allowed to download that type of file. Back to security! Yes, I understand that we can't just leave the doors open - because there are bad people out there. But bricking them up and needing to get the builders in to let you in and out seems a 'little' impractical. Seriously doing my head in! :wtf: :mad: :wtf: :mad:
-
Change control boards have nothing to do with security and everything to do with the non-technical Six Sigma crowd moving into the cybersecurity field. Those people are, of course, the actual baddies.
"Never attribute to malice that which can be explained by stupidity." - Hanlon's Razor
I'm convinced that were it ever to be studied honestly, we'd find out that 95% of the world's current problems were either caused or exacerbated by process honks trying to shoehorn trendy methodologies in everywhere. I also think that, sooner or later, some process monkey is going to figure out a way to position 6 Sigma, Agile, Business of Management, and open source in to a single super-methodology, which will cause the universe to BSOD.