On Sun, 30 Apr 2023 09:25:54 +0200 Per Jessen <per@opensuse.org> wrote:
Dave Howorth wrote:
On Sat, 29 Apr 2023 21:02:13 +0200 Per Jessen <per@opensuse.org> wrote:
Lew Wolfgang wrote:
On 4/29/23 11:42, Per Jessen wrote:
Of course, but on our network a Windows user could, through ignorance, configure her legitimately connect host to advertise a route to a second interface on her machine. I guess your corporate networking policy is very different to anything I have seen in over thirty years. My wife works for a bank - there is virtually nothing she can do to her laptop.
It's a large research environment.
I'm not sure if that explains the lax security policies :-)
It does to a large extent, I think. The admins have a major problem. The scientists [in our case] can run pretty much whatever they decide they need.
I have probably spent enough time in R&D environments to know it can be done differently. I once spent two-three months at a lab outside Winchester. The first day I was put through the security training - strict clean desk policy, black and white bins (one was for daily shredding), secure lockers and drawers.
I think it is much more about awareness and security culture.
I think that's much more about the kind of environment. No way would those policies wash in the places I have worked. The most draconian thing they did was post a list of all URLs everybody requested in a public place, to prevent porn being watched.