Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Seems perfectly sensible to ban all software that is not pre-approved by IT, InfoSec and Legal.

You can't safely assume all your employees are properly assessing the risks unless that is their actual job. If you only allow what you know then you can reason about your risk.



Google’s reputation as an employer stems in large part from rejecting that belief, and more generally the enterprise bureaucratic culture it lives in.

Engineers aren’t clamoring to get into the kinds of companies where IT needs to pre-approve software for their workstations.


You might be disappointed to know that native applications need pre-approval in most cases. There's a whitelist.

Of course, after years and years and hundreds of thousands of engineers, the whitelist is pretty robust.

I don't know for sure, but I bet Zoom has been on that whitelist, and "banning" is removing it from that whitelist.


I'll be absolutely stunned if people are really having to raise JIRA tickets instead of typing "brew install" but my information is secondhand so what do I know.

Our laptops are configuration managed, force upgraded, and surveilled, but we all have root and IT has never stood in the way of "power user" behavior. The extent of the frustration in engineering is that their management processes sometimes eat CPU. My understanding is that most of the Valley is like this.


https://github.com/google/santa is used to whitelist binaries on Macs, but you can fill out a form to instantly opt out. One of the options for why is "I use a package manager".


Most Google engineers don't have root on their own machines anymore.


That's not true; you can use "sudo" to get root access on gLinux desktops and servers.


This reads like it is specifically targeting zoom.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: