Thats why you would have client machines on SUSE with autosnapshots for reverting back, or like proper IT don’t give client machines the root password and take user out of sudoers group.
As.a tech company our systems are open for tinkering, but clients we do contract work for have fully locked down systems. No software install is possible, and software they do need has to be requested via their control center store app, if IT approves it it will show up in the software store. It is obviously as you say slower to turn things around, but IT ensures that attack footprint and system integriity is maintained.
More companies are like this than not like this—when they have more than about 20 employees.
Yeah, I think the difference besides tech savvy, is also development like jobs vs production work. production clients you want all the same and no user f@ckery
Thats why you would have client machines on SUSE with autosnapshots for reverting back, or like proper IT don’t give client machines the root password and take user out of sudoers group.
deleted by creator
As.a tech company our systems are open for tinkering, but clients we do contract work for have fully locked down systems. No software install is possible, and software they do need has to be requested via their control center store app, if IT approves it it will show up in the software store. It is obviously as you say slower to turn things around, but IT ensures that attack footprint and system integriity is maintained. More companies are like this than not like this—when they have more than about 20 employees.
deleted by creator
Yeah, I think the difference besides tech savvy, is also development like jobs vs production work. production clients you want all the same and no user f@ckery