One of the biggest challenges for a security administrator is how to "balance" the security needs of the company with giving appropriate "freedom" to the end-users, to ensure that they can effectively do their jobs and be creative, and not have them live in some version of North Korea. It's a balance that is really, really complicated to find.Yincognito wrote: ↑September 14th, 2020, 1:00 pm True that. This wasn't a matter of computer security though, IMHO, but rather a matter of employee behavior. This is easier to alleviate or correct than strict matters of security, at least in theory. None of them can be fully "fixed" though, and that's a matter of life in the end.
"Trust" and "assume" are not words that are, nor should be, in the vocabulary of any security administrator.