[The Java Posse] Re: IT policies of large corporations - what is normal?
I heard that in QLD hospitals there is a captive DNS portal, before you get to the internet, which had a picture of the premier (whoever it was then) and said, in almost these words Don't surf for porn - can't remember the guys name, but he wasn't pretty, I imagine it had the desired effect. On Feb 28, 2:02 pm, Christian Catchpole christ...@catchpole.net wrote: It's all a mix of those depending on where you go. Australian government lock their web and machines down pretty tightly. And they arn't used to being development shops. I had to get a special auth to install software. Symantec was interesting. While security was high, and Symantec Anti- virus on all machine (duh!), I did notice you could browse to sites that are normally locked down. ebay, facebook etc. Well, since their slogan is confidence in a connected world it would be hypercritical for them to lock down their staff while claiming to be empowering the world. I worked for a US finance technology company which had wifi honeypots. The idea was if you connected to these free wi-fi connections they might come around and break your legs. But they had been victim to some scandal so I understand their security. -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
[The Java Posse] Re: IT policies of large corporations - what is normal?
This is *FALSE*. Java 6 is available on leopard. Java6 64-bit is available as a standard apple VM and is installed on all deployments of Mac OS X that haven't explicitly turned off system update. Java6 32-bit is available too via the soylatte project, though running GUI-based apps on this VM isn't advised, as it'll be ugly as heck and requires firing up X11.app. On Mar 3, 1:36 pm, Kevin Wright kev.lee.wri...@googlemail.com wrote: Try testing something on Snow Leopard that you need to know will run on Leopard. Leopard doesn't offer java 1.6 at all. Snow Leopard doesn't offer anything else, it's what you get even if explicitly requesting jdk 1.5 On 3 March 2010 12:12, Kfir Shay kfir.s...@gmail.com wrote: What is your issue with jdk 1.6 on mac os x? Sent from my iPhone On Mar 3, 2010, at 12:16 AM, Lloyd Meinholz meinh...@javabilities.com wrote: I'm really not trying to troll, but... Less ability to fix your own problem (jdk 1.6) on a mac than on Linux though. Lloyd On Tue, Mar 2, 2010 at 3:49 PM, Viktor Klang viktor.kl...@gmail.com viktor.kl...@gmail.com wrote: On Tue, Mar 2, 2010 at 9:32 PM, Robert Casto casto.rob...@gmail.com casto.rob...@gmail.com wrote: Just a joke. I doubt any big companies, other than Apple, are using Macs for development. Some companies I have worked for don't care what you use. If you use a Mac though, you are completely on your own but I fail to see that as a deterrent. Sure, basically what that means is that you get the possibility to fix your problems right away instead of having to wait for your machine to be fixed by local IT maintenance. On Tue, Mar 2, 2010 at 3:27 PM, Kfir Shay kfir.s...@gmail.com kfir.s...@gmail.com wrote: Robert you might have said that as a joke but all the startups I have been part of were 100% Mac for developers. On Tue, Mar 2, 2010 at 3:22 PM, Robert Casto casto.rob...@gmail.com casto.rob...@gmail.com wrote: They must have all been Mac users. On Tue, Mar 2, 2010 at 3:12 PM, Kerry Sainsbury ke...@fidelma.com ke...@fidelma.com wrote: It's a fairly standard list, although you'll often see people being forced to use IE6. Some of these restrictions need to be relaxed for developers, and they usually are in my experience. My favourite restriction was one corporate that had blocked the use of the right-mouse button. Beat that! Cheers Kerry On Sun, Feb 28, 2010 at 9:24 AM, phil.swen...@gmail.com phil.swen...@gmail.com phil.swen...@gmail.comphil.swen...@gmail.com wrote: I am curious... I work for a large software vendor and our policies are: -windows only (XP) -outside IM is banned (we have internal jabber server) -mandatory software that tracks every piece of software installed on your machine -manual proxy that tracks every outgoing web url (no banned urls tho) -skype is strictly forbidden -no use of SaaS software for company information -virus checker on every machine, including servers (kills performance on builds) -encrypted harddrives -itunes is banned -VPN policy forces all traffic to be routed over internet The reasons behind this are supposedly that the company must track all information for legal purposes. So I'm curious - do companies like Google, Oracle, Microsoft, Intel have policies like this? -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javaposse@googlegroups.com javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse%2bunsubscr...@googlegroups.com javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en http://groups.google.com/group/javaposse?hl=en. -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javaposse@googlegroups.com javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse%2bunsubscr...@googlegroups.com javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en http://groups.google.com/group/javaposse?hl=en. -- Robert Casto http://www.IWantFreeShipping.comwww.IWantFreeShipping.com Find Amazon Filler Items easily! -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javaposse@googlegroups.com javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse%2bunsubscr...@googlegroups.com javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en http://groups.google.com/group/javaposse?hl=en. -- You received
[The Java Posse] Re: IT policies of large corporations - what is normal?
On Mar 1, 2:45 pm, Kevin Wright kev.lee.wri...@googlemail.com wrote: This is about developer access to machines, not corporate droids in general. Computers and the internet are very much the tools of our trade, tools that are blunted and crippled by these security policies. The real problem is not the policies themselves, but their indiscriminate application. OK, I can accept that this is your point of view, but the original post was asking about the IT lockdown policies of large IT companies, not about how those lockdown policies affect developers specifically - or at least that was how I read it. In the big end-to-end consultancies, and in the verticals, developers might be the biggest group of people but certainly aren't the majority. -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
[The Java Posse] Re: IT policies of large corporations - what is normal?
Encrypted harddrives? Sounds like a clueless exec paranoid about IP. Almost no code IP is worth anything to an outsider. Seriously, who is going to bother to try and figure out a competitor's code-base? Sounds like a huge PITA to me. For a CFO/CEO, I can understand wanting to have an encrypted HD. BTW, the overhead of encryption on a dev machine is very high. In 2007 there were a series of very embarassing, high profile data loss events in the UK: the Inland Revenue lost some unencrypted CDs with the tax and bank account details of over 10 million people. A contractor for the prison service lost a memory stick containing the personal details of prisoners due for release. A hard drive containing details of UK driving licence holders went missing in a data centre in the USA. As a result all the big consultancies accellerated their adoption of full drive encryption as a result, for all machines, as a way to mitigate against lost and stolen hardware. No, this wouldn't have prevented the first two events because people did not follow their employer's/customer's processes. It highlighted the degree of legal exposure though and the reaction was predictable. I did develop on a machine running full drive encryption for about nine months and I have to say that steady state performance was about the only thing we didn't complain about. Our biggest problem was the regularity with which the full drive encryption would fail, bricking the machine as a result and taking a couple of working days to get desktop support to get involved and run the decryption software. The bricking rate was as high as 20% in the early days. -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
Re: [The Java Posse] Re: IT policies of large corporations - what is normal?
On Sun, Feb 28, 2010 at 16:18, John Wright fortyrun...@gmail.com wrote: This sort of thing is completely normal. Hell, I didn't know that such a bad situation is such common, as one of my friends works at a big company and he even is free to install his working machine on his own (and he is not a developer!). But of your list what would you remove? Most of those constraints I would remove. I know security is a big issue but a lot of companies are cutting down productivity far too much. Security often comes along with drawbacks in efficiency (not talking about using SSL connections rather than unencrypted ones - this is an easy gain of security without a negative effect efficiency). XP is now becoming a hardened OS for enterprises because of the effort that has gone into making it secure. Instant Messaging outside of the companies control can cause immense reputational damage, Skype cannot be controlled and centrally recorded, lost hard drives that are unencrypted can also cause reputational damage. So far I was not able to find an IM+VoIP solution that works so stable and wherever I am (even behind quite restricted firewalls). And often especially when I am at a customer having an issue with a particular component written by someone else, I need quick and direct access to the developer. Skype often helped me in such situations. A lot of people now carry around iPhones and Netbooks so that they are outside the company network and can get access to stuff they want at their own risk. I have a feeling that companies will try and restrict use of these on company time at some stage. It is understandable that such small devices that even often get stolen as always taken on the road are a risk. This also applies to laptops. So I understand if harddisks need to be encrypted or passwords may not be saved locally - or at least not without a tool like keepass or so. However, restrictions like Windows (XP) only or banned IM do not help you in that. If the company wants to track all data to make sure people are not talking bad about the company, that is a poor attempt. People will know and will talk bad from home. And to bring data copies out of the company - I think for those who really want it, they will find a way. I think it is far better to treat the employees well and to act in an ethical way so that employees are acting loyally by their own motivation. Sorry, but that's the right path. The reasons behind this are supposedly that the company must track all information for legal purposes. for legal purposes - ROTFL - shiny argument. When just going to a customer working on a project I quite always need to firm appropriate statements that I treat everything confidential, do not talk bad of them blablabla - I am quite sure that even members of the cleaning stuff have to confirm such things often. So I'm curious - do companies like Google, Oracle, Microsoft, Intel have policies like this? In my opinion a good part of such policies is far from the desire of everybody to be agile. ;-) -- Martin Wildam -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
[The Java Posse] Re: IT policies of large corporations - what is normal?
On 27 Feb., 21:24, phil.swen...@gmail.com phil.swen...@gmail.com wrote: So I'm curious - do companies like Google, Oracle, Microsoft, Intel have policies like this? As a consultant, I've worked with big companies in the past, and they often constrain their employee's PCs/laptops heavily. Here's what I've come across: - WiFi disabled - no access to control panel - can't install software - browser fixed to IE 6 (no change of browser settings) - no local file system access except for temp directory - popular web sites blocked (eBay, email, social networks) - emails from certain email services (like Hotmail) are dropped without notification (to prevent spam) These machine make the iPhone look like Tinkerer's Paradise. But the main reason for that is not legal requirements, it's to lower support cost: When you can't tinker with your machine, you can't make a mess and call the support hotline. And if the laptop is broken, they just give you a new one, and you don't lose any app or data except for maybe your IE bookmarks. In the case of laptops, this also protects you against some theft of confidential data. -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
Re: [The Java Posse] Re: IT policies of large corporations - what is normal?
I think the most indefensible policy I've seen is to lock down the appearance of machines. So XP with the windows classic theme enforced and background unchangeable. There's clearly no security benefit in this, and I'd be very surprised if there had every been a case of someone using an inappropriate background image. Fortunately, that particular company was enlightened enough that they would allow developers to install linux on their own boxes - on the understanding that they shouldn't then expect their hands to be held by the support team for every trivial issue. My experience was that the support team far preferred requests from the developers anyway, as the problem was typically already solved and such requests usually just contained a detailed breakdown of what configuration changes were needed on some server or another. On 1 March 2010 10:55, Wildam Martin mwil...@gmail.com wrote: On Mon, Mar 1, 2010 at 11:41, Karsten Silz karsten.s...@gmail.com wrote: These machine make the iPhone look like Tinkerer's Paradise. But the main reason for that is not legal requirements, it's to lower support cost: When you can't tinker with your machine, you can't make a mess and call the support hotline. And if the laptop is broken, they just give you a new one, and you don't lose any app or data except for maybe your IE bookmarks. In the case of laptops, this also protects you against some theft of confidential data. That working data is to be stored on the net, that is clear, but for the support there is another well working strategy that I have encountered out there: If you call support and the issue can't be solved within 15 minutes then you get a new image. This usually results in the behavior of users to think twice before installing or changing something because all their settings are gone when they get a new image. Even on the most cut down machine users change some settings to make them more productive (if it is just explorer views and the like) and this is already annoying so support calls are reduced automatically with this strategy. -- Martin Wildam -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.comjavaposse%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/javaposse?hl=en. -- Kevin Wright mail/google talk: kev.lee.wri...@googlemail.com wave: kev.lee.wri...@googlewave.com skype: kev.lee.wright twitter: @thecoda -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
[The Java Posse] Re: IT policies of large corporations - what is normal?
In my last permanent job (I've been back freelance for the last two years) I used to work for a large American oursourcing company which is now part of HP and most of the things you have listed chime with my experience. We weren't completely bolted down - could install software and frequently did - but otherwise, yes, this a pretty standard experience inside most large companies. In one (small) company I did propose that we move all our web developers to Linux on the basis that almost everything they needed was available, and the odd thing that wasn't could be delivered over Citrix. Despite setting up a couple of demo development machines the management wasn't exactly overwhelmed, mainly I think because they couldn't get their heads around a machine that wasn't running Windows... On Feb 27, 8:24 pm, phil.swen...@gmail.com phil.swen...@gmail.com wrote: I am curious... I work for a large software vendor and our policies are: -windows only (XP) -outside IM is banned (we have internal jabber server) -mandatory software that tracks every piece of software installed on your machine -manual proxy that tracks every outgoing web url (no banned urls tho) -skype is strictly forbidden -no use of SaaS software for company information -virus checker on every machine, including servers (kills performance on builds) -encrypted harddrives -itunes is banned -VPN policy forces all traffic to be routed over internet The reasons behind this are supposedly that the company must track all information for legal purposes. So I'm curious - do companies like Google, Oracle, Microsoft, Intel have policies like this? -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
[The Java Posse] Re: IT policies of large corporations - what is normal?
That's all very well for, dare I say, the likes of us who deal intimately on a daily basis with all sorts of technologies at all sorts of levels. We understand the dangers that come with unfettered access - at least from a technical perspective - and (hopefully) act accordingly. Your average corporate citizen isn't so well versed - for example I heard of a situation several years ago where an employee in a company managed to share his entire company machine hard drive using an internet file sharing client and had no idea he'd done this until the new software installation was flagged by a software auditing package. It only takes the ill-judged actions of one person (however well intended) to cause the corporate IT and/or lawyers to bolt down access tighter than tight and you can see why it ends up that way. Personally I'm inclined to side with them - non IT-Savvy people do need protecting from themselves (once took a call from somebody complaining he couldn't access the company intranet from his WiFi enabled laptop, turned out he was in his car 20 miles from the network, no 3G data connection or anything - no, really). ... Most of those constraints I would remove. I know security is a big issue but a lot of companies are cutting down productivity far too much. Security often comes along with drawbacks in efficiency (not talking about using SSL connections rather than unencrypted ones - this is an easy gain of security without a negative effect efficiency). ... -- Martin Wildam -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
Re: [The Java Posse] Re: IT policies of large corporations - what is normal?
On Mon, Mar 1, 2010 at 15:06, Phil p...@haigh-family.com wrote: Personally I'm inclined to side with them - non IT-Savvy people do need protecting from themselves (once took a call from somebody complaining he couldn't access the company intranet from his WiFi enabled laptop, turned out he was in his car 20 miles from the network, no 3G data connection or anything - no, really). What about a 2-day crash-course of general IT knowhow for every new employee? No technical aid beats good education. -- Martin Wildam -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
Re: [The Java Posse] Re: IT policies of large corporations - what is normal?
This is about developer access to machines, not corporate droids in general. Computers and the internet are very much the tools of our trade, tools that are blunted and crippled by these security policies. The real problem is not the policies themselves, but their indiscriminate application. For example, when I was at primary school we had safe scissors that weren't especially sharp and had rounded ends. This made a great deal of sense, given that children and sharp things are not the best of combinations; it was policy that these type of scissors were used throughout the school. However, the blanket ban on sharp objects didn't extend to the kitchens, because it's accepted that knives are the tools-in-trade for chefs and cooks. The very attribute that makes a knife dangerous is the same thing that makes it useful. When used at a developer level then computers are the same. Their main strength lies in broad versatility and a capacity to be true general-purpose devices, why should this capability be prevented for professionals? Carried to its illogical conclusion, a policy based on safety to the exclusion of all else would have us all working on ipads, nothing but jelly and tapioca in the canteens, and the lawyers driving such policy should be deprived of their books for risk of paper cuts. On 1 March 2010 14:11, Wildam Martin mwil...@gmail.com wrote: On Mon, Mar 1, 2010 at 15:06, Phil p...@haigh-family.com wrote: Personally I'm inclined to side with them - non IT-Savvy people do need protecting from themselves (once took a call from somebody complaining he couldn't access the company intranet from his WiFi enabled laptop, turned out he was in his car 20 miles from the network, no 3G data connection or anything - no, really). What about a 2-day crash-course of general IT knowhow for every new employee? No technical aid beats good education. -- Martin Wildam -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.comjavaposse%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/javaposse?hl=en. -- Kevin Wright mail/google talk: kev.lee.wri...@googlemail.com wave: kev.lee.wri...@googlewave.com skype: kev.lee.wright twitter: @thecoda -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
Re: [The Java Posse] Re: IT policies of large corporations - what is normal?
You are right but this is a hard sell in many corporations. Many companies do not have the manpower or strong enough IT people to implement different sets of rules and so it is easier to dictate policy and make everyone follow it. Luckily I work somewhere where I can use whatever tool I find best to get the job done. The machine is monitored, updated, scanned, and everything else. But at least I can get the tools I need. I think that is what most developers want. Some flexibility to get the best tool or at least one they are familiar with so they can be productive. Even chefs use many different types of knives to get the job done. You don't just give them a paring knife and tell them to make due. On Mon, Mar 1, 2010 at 9:45 AM, Kevin Wright kev.lee.wri...@googlemail.comwrote: This is about developer access to machines, not corporate droids in general. Computers and the internet are very much the tools of our trade, tools that are blunted and crippled by these security policies. The real problem is not the policies themselves, but their indiscriminate application. For example, when I was at primary school we had safe scissors that weren't especially sharp and had rounded ends. This made a great deal of sense, given that children and sharp things are not the best of combinations; it was policy that these type of scissors were used throughout the school. However, the blanket ban on sharp objects didn't extend to the kitchens, because it's accepted that knives are the tools-in-trade for chefs and cooks. The very attribute that makes a knife dangerous is the same thing that makes it useful. When used at a developer level then computers are the same. Their main strength lies in broad versatility and a capacity to be true general-purpose devices, why should this capability be prevented for professionals? Carried to its illogical conclusion, a policy based on safety to the exclusion of all else would have us all working on ipads, nothing but jelly and tapioca in the canteens, and the lawyers driving such policy should be deprived of their books for risk of paper cuts. On 1 March 2010 14:11, Wildam Martin mwil...@gmail.com wrote: On Mon, Mar 1, 2010 at 15:06, Phil p...@haigh-family.com wrote: Personally I'm inclined to side with them - non IT-Savvy people do need protecting from themselves (once took a call from somebody complaining he couldn't access the company intranet from his WiFi enabled laptop, turned out he was in his car 20 miles from the network, no 3G data connection or anything - no, really). What about a 2-day crash-course of general IT knowhow for every new employee? No technical aid beats good education. -- Martin Wildam -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.comjavaposse%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/javaposse?hl=en. -- Kevin Wright mail/google talk: kev.lee.wri...@googlemail.com wave: kev.lee.wri...@googlewave.com skype: kev.lee.wright twitter: @thecoda -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.comjavaposse%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/javaposse?hl=en. -- Robert Casto www.IWantFreeShipping.com Find Amazon Filler Items easily! -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
Re: [The Java Posse] Re: IT policies of large corporations - what is normal?
I believe the main problem is that very few have actually taken the time to sit down and discuss what the needs are, what the purpose is, how to measure if the solution is aligned with the needs and the risks associated with strictness vs. nonstrictness. I fully understand the difficulty in measuring the soft values, but we're people, working with other people, and failing to realize that will make for very poor understanding of needs, benefits and costs. On Mon, Mar 1, 2010 at 4:02 PM, Robert Casto casto.rob...@gmail.com wrote: You are right but this is a hard sell in many corporations. Many companies do not have the manpower or strong enough IT people to implement different sets of rules and so it is easier to dictate policy and make everyone follow it. Luckily I work somewhere where I can use whatever tool I find best to get the job done. The machine is monitored, updated, scanned, and everything else. But at least I can get the tools I need. I think that is what most developers want. Some flexibility to get the best tool or at least one they are familiar with so they can be productive. Even chefs use many different types of knives to get the job done. You don't just give them a paring knife and tell them to make due. On Mon, Mar 1, 2010 at 9:45 AM, Kevin Wright kev.lee.wri...@googlemail.com wrote: This is about developer access to machines, not corporate droids in general. Computers and the internet are very much the tools of our trade, tools that are blunted and crippled by these security policies. The real problem is not the policies themselves, but their indiscriminate application. For example, when I was at primary school we had safe scissors that weren't especially sharp and had rounded ends. This made a great deal of sense, given that children and sharp things are not the best of combinations; it was policy that these type of scissors were used throughout the school. However, the blanket ban on sharp objects didn't extend to the kitchens, because it's accepted that knives are the tools-in-trade for chefs and cooks. The very attribute that makes a knife dangerous is the same thing that makes it useful. When used at a developer level then computers are the same. Their main strength lies in broad versatility and a capacity to be true general-purpose devices, why should this capability be prevented for professionals? Carried to its illogical conclusion, a policy based on safety to the exclusion of all else would have us all working on ipads, nothing but jelly and tapioca in the canteens, and the lawyers driving such policy should be deprived of their books for risk of paper cuts. On 1 March 2010 14:11, Wildam Martin mwil...@gmail.com wrote: On Mon, Mar 1, 2010 at 15:06, Phil p...@haigh-family.com wrote: Personally I'm inclined to side with them - non IT-Savvy people do need protecting from themselves (once took a call from somebody complaining he couldn't access the company intranet from his WiFi enabled laptop, turned out he was in his car 20 miles from the network, no 3G data connection or anything - no, really). What about a 2-day crash-course of general IT knowhow for every new employee? No technical aid beats good education. -- Martin Wildam -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.comjavaposse%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/javaposse?hl=en. -- Kevin Wright mail/google talk: kev.lee.wri...@googlemail.com wave: kev.lee.wri...@googlewave.com skype: kev.lee.wright twitter: @thecoda -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.comjavaposse%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/javaposse?hl=en. -- Robert Casto www.IWantFreeShipping.com Find Amazon Filler Items easily! -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.comjavaposse%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/javaposse?hl=en. -- Viktor Klang | A complex system that works is invariably | found to have evolved from a simple system | that worked. - John Gall Akka - the Actor Kernel: Akkasource.org Twttr: twitter.com/viktorklang -- You received this message because you are subscribed to the Google Groups The Java Posse group. To
Re: [The Java Posse] Re: IT policies of large corporations - what is normal?
The need and purpose for many of these decisions is to avoid legal trouble. It is hard to argue with management when lawyers are telling them what they should do to avoid legal issues. There is no flexibility when decisions are based on that kind of information. I've known people using Notepad to create files because they couldn't get permission to install a tool. On Mon, Mar 1, 2010 at 10:12 AM, Viktor Klang viktor.kl...@gmail.comwrote: I believe the main problem is that very few have actually taken the time to sit down and discuss what the needs are, what the purpose is, how to measure if the solution is aligned with the needs and the risks associated with strictness vs. nonstrictness. I fully understand the difficulty in measuring the soft values, but we're people, working with other people, and failing to realize that will make for very poor understanding of needs, benefits and costs. On Mon, Mar 1, 2010 at 4:02 PM, Robert Casto casto.rob...@gmail.comwrote: You are right but this is a hard sell in many corporations. Many companies do not have the manpower or strong enough IT people to implement different sets of rules and so it is easier to dictate policy and make everyone follow it. Luckily I work somewhere where I can use whatever tool I find best to get the job done. The machine is monitored, updated, scanned, and everything else. But at least I can get the tools I need. I think that is what most developers want. Some flexibility to get the best tool or at least one they are familiar with so they can be productive. Even chefs use many different types of knives to get the job done. You don't just give them a paring knife and tell them to make due. On Mon, Mar 1, 2010 at 9:45 AM, Kevin Wright kev.lee.wri...@googlemail.com wrote: This is about developer access to machines, not corporate droids in general. Computers and the internet are very much the tools of our trade, tools that are blunted and crippled by these security policies. The real problem is not the policies themselves, but their indiscriminate application. For example, when I was at primary school we had safe scissors that weren't especially sharp and had rounded ends. This made a great deal of sense, given that children and sharp things are not the best of combinations; it was policy that these type of scissors were used throughout the school. However, the blanket ban on sharp objects didn't extend to the kitchens, because it's accepted that knives are the tools-in-trade for chefs and cooks. The very attribute that makes a knife dangerous is the same thing that makes it useful. When used at a developer level then computers are the same. Their main strength lies in broad versatility and a capacity to be true general-purpose devices, why should this capability be prevented for professionals? Carried to its illogical conclusion, a policy based on safety to the exclusion of all else would have us all working on ipads, nothing but jelly and tapioca in the canteens, and the lawyers driving such policy should be deprived of their books for risk of paper cuts. On 1 March 2010 14:11, Wildam Martin mwil...@gmail.com wrote: On Mon, Mar 1, 2010 at 15:06, Phil p...@haigh-family.com wrote: Personally I'm inclined to side with them - non IT-Savvy people do need protecting from themselves (once took a call from somebody complaining he couldn't access the company intranet from his WiFi enabled laptop, turned out he was in his car 20 miles from the network, no 3G data connection or anything - no, really). What about a 2-day crash-course of general IT knowhow for every new employee? No technical aid beats good education. -- Martin Wildam -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.comjavaposse%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/javaposse?hl=en. -- Kevin Wright mail/google talk: kev.lee.wri...@googlemail.com wave: kev.lee.wri...@googlewave.com skype: kev.lee.wright twitter: @thecoda -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.comjavaposse%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/javaposse?hl=en. -- Robert Casto www.IWantFreeShipping.com Find Amazon Filler Items easily! -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to
Re: [The Java Posse] Re: IT policies of large corporations - what is normal?
On Mon, Mar 1, 2010 at 4:22 PM, Robert Casto casto.rob...@gmail.com wrote: The need and purpose for many of these decisions is to avoid legal trouble. It is hard to argue with management when lawyers are telling them what they should do to avoid legal issues. There is no flexibility when decisions are based on that kind of information. I've known people using Notepad to create files because they couldn't get permission to install a tool. So the problem is that they hire people they don't trust. No filter in the world (aside from death) can prevent someone from saying the wrong thing. Sure there's always a need for security, but the solution for most of it is cultural, not technical. If I were a professional carpenter, and I was hired to build a house, and I was forced to work with one arm tied behind my back and a wooden hammer, I simply wouldn't take the job. If I were a doctor, and I was hired to heal someone, and they wanted to force me to use steak knives instead of scalpels, I simply wouldn't take the job. Part of being a professional is having the integrity, to be prepared to walk away when someone wants you to be unprofessional rather than making a poor job. And I truly believe, if your employer treats you with respect for your professionalism, you will also respect your employer. On Mon, Mar 1, 2010 at 10:12 AM, Viktor Klang viktor.kl...@gmail.comwrote: I believe the main problem is that very few have actually taken the time to sit down and discuss what the needs are, what the purpose is, how to measure if the solution is aligned with the needs and the risks associated with strictness vs. nonstrictness. I fully understand the difficulty in measuring the soft values, but we're people, working with other people, and failing to realize that will make for very poor understanding of needs, benefits and costs. On Mon, Mar 1, 2010 at 4:02 PM, Robert Casto casto.rob...@gmail.comwrote: You are right but this is a hard sell in many corporations. Many companies do not have the manpower or strong enough IT people to implement different sets of rules and so it is easier to dictate policy and make everyone follow it. Luckily I work somewhere where I can use whatever tool I find best to get the job done. The machine is monitored, updated, scanned, and everything else. But at least I can get the tools I need. I think that is what most developers want. Some flexibility to get the best tool or at least one they are familiar with so they can be productive. Even chefs use many different types of knives to get the job done. You don't just give them a paring knife and tell them to make due. On Mon, Mar 1, 2010 at 9:45 AM, Kevin Wright kev.lee.wri...@googlemail.com wrote: This is about developer access to machines, not corporate droids in general. Computers and the internet are very much the tools of our trade, tools that are blunted and crippled by these security policies. The real problem is not the policies themselves, but their indiscriminate application. For example, when I was at primary school we had safe scissors that weren't especially sharp and had rounded ends. This made a great deal of sense, given that children and sharp things are not the best of combinations; it was policy that these type of scissors were used throughout the school. However, the blanket ban on sharp objects didn't extend to the kitchens, because it's accepted that knives are the tools-in-trade for chefs and cooks. The very attribute that makes a knife dangerous is the same thing that makes it useful. When used at a developer level then computers are the same. Their main strength lies in broad versatility and a capacity to be true general-purpose devices, why should this capability be prevented for professionals? Carried to its illogical conclusion, a policy based on safety to the exclusion of all else would have us all working on ipads, nothing but jelly and tapioca in the canteens, and the lawyers driving such policy should be deprived of their books for risk of paper cuts. On 1 March 2010 14:11, Wildam Martin mwil...@gmail.com wrote: On Mon, Mar 1, 2010 at 15:06, Phil p...@haigh-family.com wrote: Personally I'm inclined to side with them - non IT-Savvy people do need protecting from themselves (once took a call from somebody complaining he couldn't access the company intranet from his WiFi enabled laptop, turned out he was in his car 20 miles from the network, no 3G data connection or anything - no, really). What about a 2-day crash-course of general IT knowhow for every new employee? No technical aid beats good education. -- Martin Wildam -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.comjavaposse%2bunsubscr...@googlegroups.com .
Re: [The Java Posse] Re: IT policies of large corporations - what is normal?
A lack of trust is one part of it, but essentially the company is trying to protect itself. Even the best employees will make mistakes sometimes. I think they try to be overly protective though, perhaps with good cause but it stifles productivity. I tend to work for smaller companies because they trust their employees more, give them flexibility in the use of tools, and try not to micromanage their employees. I see the legal issues increasing though. Recent news such as what happened to Google employees in Italy attest to that. Society is too quick to throw blame and demand a pound of flesh. There is little tolerance for that fact that people are human and humans sometimes make mistakes. No one is perfect. Apologize, fix the issue or make reparations, and then move on. On Mon, Mar 1, 2010 at 10:40 AM, Viktor Klang viktor.kl...@gmail.comwrote: On Mon, Mar 1, 2010 at 4:22 PM, Robert Casto casto.rob...@gmail.comwrote: The need and purpose for many of these decisions is to avoid legal trouble. It is hard to argue with management when lawyers are telling them what they should do to avoid legal issues. There is no flexibility when decisions are based on that kind of information. I've known people using Notepad to create files because they couldn't get permission to install a tool. So the problem is that they hire people they don't trust. No filter in the world (aside from death) can prevent someone from saying the wrong thing. Sure there's always a need for security, but the solution for most of it is cultural, not technical. If I were a professional carpenter, and I was hired to build a house, and I was forced to work with one arm tied behind my back and a wooden hammer, I simply wouldn't take the job. If I were a doctor, and I was hired to heal someone, and they wanted to force me to use steak knives instead of scalpels, I simply wouldn't take the job. Part of being a professional is having the integrity, to be prepared to walk away when someone wants you to be unprofessional rather than making a poor job. And I truly believe, if your employer treats you with respect for your professionalism, you will also respect your employer. On Mon, Mar 1, 2010 at 10:12 AM, Viktor Klang viktor.kl...@gmail.comwrote: I believe the main problem is that very few have actually taken the time to sit down and discuss what the needs are, what the purpose is, how to measure if the solution is aligned with the needs and the risks associated with strictness vs. nonstrictness. I fully understand the difficulty in measuring the soft values, but we're people, working with other people, and failing to realize that will make for very poor understanding of needs, benefits and costs. On Mon, Mar 1, 2010 at 4:02 PM, Robert Casto casto.rob...@gmail.comwrote: You are right but this is a hard sell in many corporations. Many companies do not have the manpower or strong enough IT people to implement different sets of rules and so it is easier to dictate policy and make everyone follow it. Luckily I work somewhere where I can use whatever tool I find best to get the job done. The machine is monitored, updated, scanned, and everything else. But at least I can get the tools I need. I think that is what most developers want. Some flexibility to get the best tool or at least one they are familiar with so they can be productive. Even chefs use many different types of knives to get the job done. You don't just give them a paring knife and tell them to make due. On Mon, Mar 1, 2010 at 9:45 AM, Kevin Wright kev.lee.wri...@googlemail.com wrote: This is about developer access to machines, not corporate droids in general. Computers and the internet are very much the tools of our trade, tools that are blunted and crippled by these security policies. The real problem is not the policies themselves, but their indiscriminate application. For example, when I was at primary school we had safe scissors that weren't especially sharp and had rounded ends. This made a great deal of sense, given that children and sharp things are not the best of combinations; it was policy that these type of scissors were used throughout the school. However, the blanket ban on sharp objects didn't extend to the kitchens, because it's accepted that knives are the tools-in-trade for chefs and cooks. The very attribute that makes a knife dangerous is the same thing that makes it useful. When used at a developer level then computers are the same. Their main strength lies in broad versatility and a capacity to be true general-purpose devices, why should this capability be prevented for professionals? Carried to its illogical conclusion, a policy based on safety to the exclusion of all else would have us all working on ipads, nothing but jelly and tapioca in the canteens, and the lawyers driving such policy should be deprived of their books for risk of paper cuts. On 1 March
[The Java Posse] Re: IT policies of large corporations - what is normal?
A few of these are reasonable. Most are ridiculous. What they are doing is instilling a blanket policy across all employees, no matter the job function. They are treating you like a call center employee. You are a software developer (I assume), you shouldn't be treated like a dumbass. And fact is, if your are a software dev - you probably know enough to easily bypass most/all of these measures anyway. Banning IM and Skype are silly. Do they ban cell phones/SMS? Same thing really. software tracking? Fairly standard, prevents piracy. this makes sense actually. Virus checking is important for windows, no prob there - although they should let devs configure exclude dirs. Virus checkers can KILL a windows box! And they are just asking devs to hack their machines and turn it completely off (I bet many do). iTunes banned? Eh? Why? Encrypted harddrives? Sounds like a clueless exec paranoid about IP. Almost no code IP is worth anything to an outsider. Seriously, who is going to bother to try and figure out a competitor's code-base? Sounds like a huge PITA to me. For a CFO/CEO, I can understand wanting to have an encrypted HD. BTW, the overhead of encryption on a dev machine is very high. Manual proxies are a sign of an incompetent IT dept. Who in this day still makes people manually configure a proxy? What a pain - many apps don't use IE's system settings so you are in a constant config battle if you are on/off the corporate network. No SAAS? heh. just old school thinking. I think it's silly almost every corp still uses in-house Email. Fact is Gmail rocks and is much more reliable, spam/virus free than any in-house managed email. Legal reasons? I'm no lawyer... maybe there are laws out there... On Feb 27, 1:24 pm, phil.swen...@gmail.com phil.swen...@gmail.com wrote: I am curious... I work for a large software vendor and our policies are: -windows only (XP) -outside IM is banned (we have internal jabber server) -mandatory software that tracks every piece of software installed on your machine -manual proxy that tracks every outgoing web url (no banned urls tho) -skype is strictly forbidden -no use of SaaS software for company information -virus checker on every machine, including servers (kills performance on builds) -encrypted harddrives -itunes is banned -VPN policy forces all traffic to be routed over internet The reasons behind this are supposedly that the company must track all information for legal purposes. So I'm curious - do companies like Google, Oracle, Microsoft, Intel have policies like this? -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
Re: [The Java Posse] Re: IT policies of large corporations - what is normal?
but should devs have privileges over non devs? id be a little upset with that. Where i work, there are some restricted URL's, but devs are free to install whatever OS - but we have to manage them on our own. Those who install windows have to be in the domain and install AV (and causes build time to explode). Aside from pirated softwares, there are no restrictions on software installation. Ive seen companies that go as far as locking USB ports in order to prevent pendrive usage. Also, internet was extremely restricted. On Mon, Mar 1, 2010 at 2:54 PM, josef newton josef.new...@gmail.com wrote: A few of these are reasonable. Most are ridiculous. What they are doing is instilling a blanket policy across all employees, no matter the job function. They are treating you like a call center employee. You are a software developer (I assume), you shouldn't be treated like a dumbass. And fact is, if your are a software dev - you probably know enough to easily bypass most/all of these measures anyway. Banning IM and Skype are silly. Do they ban cell phones/SMS? Same thing really. software tracking? Fairly standard, prevents piracy. this makes sense actually. Virus checking is important for windows, no prob there - although they should let devs configure exclude dirs. Virus checkers can KILL a windows box! And they are just asking devs to hack their machines and turn it completely off (I bet many do). iTunes banned? Eh? Why? Encrypted harddrives? Sounds like a clueless exec paranoid about IP. Almost no code IP is worth anything to an outsider. Seriously, who is going to bother to try and figure out a competitor's code-base? Sounds like a huge PITA to me. For a CFO/CEO, I can understand wanting to have an encrypted HD. BTW, the overhead of encryption on a dev machine is very high. Manual proxies are a sign of an incompetent IT dept. Who in this day still makes people manually configure a proxy? What a pain - many apps don't use IE's system settings so you are in a constant config battle if you are on/off the corporate network. No SAAS? heh. just old school thinking. I think it's silly almost every corp still uses in-house Email. Fact is Gmail rocks and is much more reliable, spam/virus free than any in-house managed email. Legal reasons? I'm no lawyer... maybe there are laws out there... On Feb 27, 1:24 pm, phil.swen...@gmail.com phil.swen...@gmail.com wrote: I am curious... I work for a large software vendor and our policies are: -windows only (XP) -outside IM is banned (we have internal jabber server) -mandatory software that tracks every piece of software installed on your machine -manual proxy that tracks every outgoing web url (no banned urls tho) -skype is strictly forbidden -no use of SaaS software for company information -virus checker on every machine, including servers (kills performance on builds) -encrypted harddrives -itunes is banned -VPN policy forces all traffic to be routed over internet The reasons behind this are supposedly that the company must track all information for legal purposes. So I'm curious - do companies like Google, Oracle, Microsoft, Intel have policies like this? -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.comjavaposse%2bunsubscr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/javaposse?hl=en. -- http://mapsdev.blogspot.com/ Marcelo Takeshi Fukushima -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
Re: [The Java Posse] Re: IT policies of large corporations - what is normal?
Most of these measures have to do with the amount of risk that a company is willing to put up with. Having worked for pharmaceutical companies and defense contractors, I can attest to the fact that they have a certain degree of justifiable paranoia when it comes to security. Most of these types of companies have their own IM services (like Microsoft Communicator) and have them configured not to keep logs of conversations. The main reason for this is that (like email) IM conversations can be used in court cases (as Microsoft has seen). Similarly, companies will sometimes block investor sites, and rumor sites to prevent proprietary information from leaking out. The standard procedure is that if someone asks you for information about the company, or provides misinformation about the company, it's not your job to correct that information, or supply information about the company. The public relations person is usually responsible for dealing with the public. The usual policy is that you don't discuss business outside of company offices, or on non-company hardware. As far as banning cell phones, most companies will ban these for two reasons: you can take pictures with them, and if they have an SD card in them, you could walk out the door with proprietary information in the SD card. Many companies will also block USB ports, SD card readers, and CD writers on computers for similar reasons. Some companies will allow cell phones as long as they do not have cameras, but there are also companies that have secure areas where you place your phone on a shelf before entering the room. ITunes is often banned because you can easily fill up a hard drive with your tunes/podcasts, and it eats up bandwidth when your downloading songs and podcasts, or sharing your tunes with your co-workers. Encrypted harddrives are used because some types of databases use Social Security numbers as identifiers for patients, or employees. There have been numerous cases where this type of personal identifier information was on an unencrypted hard drive on a laptop that was stolen while going through airport security, or waiting in a hotel lobby for a client. Hope this helps explain a few things. Mark -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
Re: [The Java Posse] Re: IT policies of large corporations - what is normal?
josef newton wrote: Banning IM and Skype are silly. Do they ban cell phones/SMS? Same thing really. I don't think IM and cell phones are the same. IM and Skype are using company infrastructure - packets going out come from the company (not a personal phone), and so the company may be held legally responsible for them. Also IM and Skype have access to the corporate network. Defects in such software *has* been used to break into companies and steal information. Do you really want a company that has your personal information (such as credit card details) making that information susceptible to attack? Such breaches can destroy a companies reputation - a lot more costly than increasing the productivity of some individuals. I have been listening to a number of security podcasts recently and I must say the insecurity of many systems out there gets quite frightening at times. And they talk about exploits that have actually happened. E.g. an episode back in October last year (so might have been fixed now) was talking about how one web browser (not IE) as soon as you installed one plug in was susceptible to attack. The plugins have access to all web browser internals, so can hide themselves, download more plugins and hide them, and access the complete memory space of the browser (including cached passwords etc). Imagine a plugin developer having auto updates, then a hacker breaking into the auto-update site and putting malware into the plugin. They can then skim all your banking details etc without you knowing. Actually, the security podcasts are also quite fun to listen to at times. My favorite was a talk where a researcher got a laser pointer, rewired it to hook up to the MIC in line on their computer (turning it into a directional laser microphone), then adapted voice recognition software to distinguish between the sound of different keys on a laptop. They pointed it at the back of a laptop while someone was typing, collected sound for a bit, then fed it through a dictionary to guess which sounds were which keys on the keyboard. The space bar sounds so different it was easy to spot word breaks. In less than a minute they could listen in on what someone was typing on their laptop with fairly good accuracy. They then demonstrated it working in the conference presentation. I think it worked from 20m away with a cheap off the shelf laser pointer. I am not saying some companies don't have security tighter than necessary or that its annoying. But I do think that most developers DO NOT understand security issues as deeply as you would expect. I think its a specialist field. Its sort of like saying all carpenters are cabinet makers. It just isn't so! Sorry, not picking on this post in particular. Just wanted to make the point that (I believe) most developers do not know enough about securing systems, so just saying trust developers as they are more IT literate is not convincing to me. But it could also be paranoia after listening to too many security podcasts! Alan -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
Re: [The Java Posse] Re: IT policies of large corporations - what is normal?
nope, just a pretty big enterprise software company. I don't think I should mention the name... You should realise, if you are really worried about the anonymity of the company, that it took a single Google search and viewing a couple of pages to find the name of it. Just in case you weren't aware... Best regards, Graham -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
[The Java Posse] Re: IT policies of large corporations - what is normal?
This sort of thing is completely normal. Sure, some enlightened companies may have laxer policies such as allowing Macs. But of your list what would you remove? XP is now becoming a hardened OS for enterprises because of the effort that has gone into making it secure. Instant Messaging outside of the companies control can cause immense reputational damage, Skype cannot be controlled and centrally recorded, lost hard drives that are unencrypted can also cause reputational damage. A lot of people now carry around iPhones and Netbooks so that they are outside the company network and can get access to stuff they want at their own risk. I have a feeling that companies will try and restrict use of these on company time at some stage. The average IT user at a company does not understand a lot of this stuff and needs to be protected. I remember when the Internet was first allowed at a company I worked at; the first thing some people did was download porn and games. There are regularly tales in the UK press of people still doing this stuff and get fired for it. Their IT departments are the ones that should be fired! There are so many attack vectors these days that the basic stuff above needs to be done. Look at the fuss that went on a few weeks ago when Google were seen to have used IE6 and someone tried to hack them! Google seem to mostly build their own stuff; partly because they are engineers and partly (I suspect) because they are ultra-paranoid. MS will almost certainly be using Win7 internally, Skype and iTunes will be banned for obvious reasons! On Feb 27, 9:24 pm, phil.swen...@gmail.com phil.swen...@gmail.com wrote: I am curious... I work for a large software vendor and our policies are: -windows only (XP) -outside IM is banned (we have internal jabber server) -mandatory software that tracks every piece of software installed on your machine -manual proxy that tracks every outgoing web url (no banned urls tho) -skype is strictly forbidden -no use of SaaS software for company information -virus checker on every machine, including servers (kills performance on builds) -encrypted harddrives -itunes is banned -VPN policy forces all traffic to be routed over internet The reasons behind this are supposedly that the company must track all information for legal purposes. So I'm curious - do companies like Google, Oracle, Microsoft, Intel have policies like this? -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
[The Java Posse] Re: IT policies of large corporations - what is normal?
Do you work for a bank? We had everything you mention at the insurance company I worked at. On Feb 28, 7:24 am, phil.swen...@gmail.com phil.swen...@gmail.com wrote: I am curious... I work for a large software vendor and our policies are: -windows only (XP) -outside IM is banned (we have internal jabber server) -mandatory software that tracks every piece of software installed on your machine -manual proxy that tracks every outgoing web url (no banned urls tho) -skype is strictly forbidden -no use of SaaS software for company information -virus checker on every machine, including servers (kills performance on builds) -encrypted harddrives -itunes is banned -VPN policy forces all traffic to be routed over internet The reasons behind this are supposedly that the company must track all information for legal purposes. So I'm curious - do companies like Google, Oracle, Microsoft, Intel have policies like this? -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
[The Java Posse] Re: IT policies of large corporations - what is normal?
nope, just a pretty big enterprise software company. I don't think I should mention the name... On Feb 27, 5:37 pm, Steven Herod steven.he...@gmail.com wrote: Do you work for a bank? We had everything you mention at the insurance company I worked at. On Feb 28, 7:24 am, phil.swen...@gmail.com phil.swen...@gmail.com wrote: I am curious... I work for a large software vendor and our policies are: -windows only (XP) -outside IM is banned (we have internal jabber server) -mandatory software that tracks every piece of software installed on your machine -manual proxy that tracks every outgoing web url (no banned urls tho) -skype is strictly forbidden -no use of SaaS software for company information -virus checker on every machine, including servers (kills performance on builds) -encrypted harddrives -itunes is banned -VPN policy forces all traffic to be routed over internet The reasons behind this are supposedly that the company must track all information for legal purposes. So I'm curious - do companies like Google, Oracle, Microsoft, Intel have policies like this? -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
[The Java Posse] Re: IT policies of large corporations - what is normal?
It's all a mix of those depending on where you go. Australian government lock their web and machines down pretty tightly. And they arn't used to being development shops. I had to get a special auth to install software. Symantec was interesting. While security was high, and Symantec Anti- virus on all machine (duh!), I did notice you could browse to sites that are normally locked down. ebay, facebook etc. Well, since their slogan is confidence in a connected world it would be hypercritical for them to lock down their staff while claiming to be empowering the world. I worked for a US finance technology company which had wifi honeypots. The idea was if you connected to these free wi-fi connections they might come around and break your legs. But they had been victim to some scandal so I understand their security. -- You received this message because you are subscribed to the Google Groups The Java Posse group. To post to this group, send email to javapo...@googlegroups.com. To unsubscribe from this group, send email to javaposse+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.