This thread hits home. I switched jobs a few years ago because the IT policies on workstations were being ratcheted down to make my job as a developer difficult to impossible.
Now, the company I work for, ostensibly a _software_ company, got its ISO certifications, which meant policies and procedures that make developing hard or impossible again.
How does a software business _successfully_ implement stringent access controls while still allowing for efficient software development? I'd like to see/hear what works.
Developers don't need admin rights for much of anything in this decade. No need to bother with that.
Common software has to be made available in self-service, so developers can install development tools like notepad++ or visual studio.
Deployment is usually the challenge because you have to store binaries somewhere, copy it to some random servers and finally execute it, each step causing numerous security headaches, so there has to be some approved tooling to handle that.
Developers don't need admin rights for much of anything in this decade. No need to bother with that.
Please defend this position.
My experience, mostly with Linux-like tools, is that those tools are built with the assumption they are being used by someone who knows what they are doing, and that they have the appropriate level of control of the machine -- they are tools for professionals to build tools.
If you don't have rights to install or execute them, you're done. You can't make any forward progress.
Alas, I'm in a similar situation with my current stint and looking for an exit.
The most maddening part for me is to literally sit around helpless and unable to do any development because you need to wait for your IT support ticket to be looked at. Then having to explain to your manager why work is behind schedule.
However, idle time alone doesn't seem like strong enough reason to open discussion on changing IT policies.
Now, the company I work for, ostensibly a _software_ company, got its ISO certifications, which meant policies and procedures that make developing hard or impossible again.
How does a software business _successfully_ implement stringent access controls while still allowing for efficient software development? I'd like to see/hear what works.