One chestnut from my history in lottery game development:

While our security staff was incredibly tight and did a generally good job, oftentimes levels of paranoia were off the charts.

Once they went around hot gluing shut all of the “unnecessary” USB ports in our PCs under the premise of mitigating data theft via thumb drive, while ignoring that we were all Internet-connected and VPNs are a thing, also that every machine had a RW optical drive.

  • Hogger85b@kbin.social · 1 year ago (+87 / -1)

    Set the automatic timeout for admin accounts to 15 minutes… meaning that for a process that may take an hour or so you have to wiggle the mouse or it logs out… not locks… logs out.

    From installs to copying log files, to moving data to reassigning owner of data to the service account.

      • fat_stig@lemmy.world · 1 year ago (+9)

        Mine was removed by Corporate IT, along with a bunch of other open source stuff that made my life bearable.

        Also I spent 5 months with our cyber security guys to try and provide a simple file replication server for my team working in a remote office with shit internet connectivity. I gave up, the spooks put up a solid defense, pushing all the onerous IT security compliance checking onto my desk instead of taking control.

        Not as bad as my previous company though, outsourced IT support to ATOS was a nightmare.

        • Aceticon@lemmy.world · 1 year ago (+9)

          It’s reasonably easy to make a hardware mouse wiggler with an Arduino Micro (and I don’t mean something that physically moves a mouse, rather something that looks like a USB mouse to the computer and periodically sends mouse movement messages).

          If you’re desperate enough, look it up as it’s quite simple so there should be step by step instructions out there.

            • Aceticon@lemmy.world · 1 year ago (+2)

              Yeah, it’s surprisingly simple to get these microcontrollers to become essentially programmable keyboard/mouse emulators, by which point if you’re familiar with the stuff to program them (Arduino being the simplest and most widespread framework) it really just becomes a coding task and you can get it to do crazy stuff.

              I suggested an Arduino Micro board because it bypasses the whole hardware side of the problem, but something like what you mention is even simpler.

            • glue_snorter@lemmy.sdfeu.org · 1 year ago (+1)

              I used a Sidewinder keyboard for years with programmable macros.

              Yeah, I had my password as a macro.

              Dick move on my part as the macro, I’m fairly sure, is stored in plaintext on the PC. But the convenience was great. I don’t do that any more.

          • fat_stig@lemmy.world · 1 year ago (+5)

            After mine was disabled, I found that if I run videos of old meetings or training onscreen, it keeps the system alive…

            Works nicely when I’m WFH.

            • Krudler@lemmy.world (OP) · 1 year ago (+6)

              Ahhh the old “level up an RPG Skill by jamming a pen cap into a key and going to watch Night Court reruns” method.

              Thanks, I actually didn’t know holding CTRL would keep the system awake!

            • FooBarrington@lemmy.world · 1 year ago (+5)

              Does that keep your status in Teams as “online”? That’s what I use the jiggler for - if I’m waiting for CI tests which take 30+ minutes and I sit in front of the laptop, I don’t want to have to manually jiggle my mouse every couple of minutes just to keep my status.

              • lightnsfw@reddthat.com · 1 year ago (+2)

                Idk about every application but it keeps Windows from timing out, which serves most purposes for me.

    • netburnr@lemmy.world · 1 year ago (+16 / -1)

      There is no compliance item I am aware of that has that requirement; some CISO needs to learn to read.