Comment by andylynch
5 years ago
Depends on the org. Some firms block direct executable file downloads and scan for unrecognised code on the network, proxying them all through something like Nexus This is only going to become more common (and necessary) in the wake of things like the SolarWinds hack.
My Excel skills are a bit rusty but I remember the times when it was advised to not open .doc or .xls files from an unknown source because harmful VBA macros could be executed on opening the file. Did this changed lately? If not, how is opening an .xls file different from installing a non-tested python package from security perspective?
You're mistakenly assuming all IT policies stem from logic.
Hmm... I should have written making up "blockers" disguised as policies stem from logic. I consider the loop closed. QED