Comment by _tk_
15 hours ago
I’m a little surprised by the takes in the comments. Obviously, heads of departments or agencies, CEOs, or similar personnel are generally not in the same league as normal employees when it comes to compliance.
Productivity and efficiency are key for their work. I am sure there are lots of Sysadmins here, that had to disable security controls for a manager or had to configure something in a way to circumvent security controls from actually working. I have been in many situations where I have been asked by IT colleagues if doing something like that was fine, because an executive had to read a PowerPoint file NOW.
Sysadmins are afforded special leniency because of their demonstrated competence. Their leeway is earned. In this case, the "cyber security chief" has no proven skill other than absolute loyalty to his boss, which justified his skipping the usual vetting procedure.
Obviously those kinds of stories are common, but you can’t seriously be suggesting that it is a good or acceptable thing?
Execs are just as stupid as your average person and bypassing security controls for them puts an organization at an even greater risk due to the kinds of information they have access to. They just get away with it because they’re in charge.
Yes.
It touched a nerve because no one in the trump admin is qualified to do their job. There's a lot of corruption and a lot of people getting access to things they shouldn't due to their relationship and loyalty, not merit. There's a big difference from a sys admin having super user access and some random politically connected hack abusing their privilege.
DOGE/Musk, noem, Kash, hegseth, etc.