undefined | Better HN

0 pointsmake38y ago0 comments

This sounds beyond absurd to me. Do they also block usb ports to prevent you from copying everything on a usb drive or external harddrive, or phone? Do they lock/solder you machines shut to prevent you from taking out a hard drive / plugging in a new one and then taking it out? Do they prevent you from .. printing the code? In what parallel world do they exist that they think this would make a difference

0 comments

kingbirdy8y ago

As someone who works at a finance related company: yes. No USB storage is allowed, all cloud hosting sites are blocked (not SO, thankfully, they're more worried about us stealing SSNs and other PII than code), and all printers are logged and have drivers that detect if you're printing PII and censor it by default (or so I've been told, I don't really feel the need to test that).

A friend works at an investment firm, and has similar restrictions as the above commenter mentioned (no SO, no USB, no printing, etc), as well as pulling his phone out while at his desk or around any other computer being an immediate fireable offense.

michaelt8y ago

A few years ago, I interviewed at a company called 'G Research' and the security procedures I noticed included:

* A 'secure zone' where work took place.

* All desktops virtualised, using thin clients.

* All Windows, no admin access.

* Screens, filesystem snapshots, and web access recorded, all the time.

* All software installation subject to approval (e.g. Firefox not permitted, only Chrome).

* Desks fixed in place, all cables in locked cable trays.

* Separate internal-only e-mail system.

* No printers.

* Specially printed notepads & other stationary in the 'secure zone', no secure zone stationary to leave or non-secure-zone stationary to enter.

* No cell phones, cameras or laptops permitted (lockers were provided).

* Entry points with human guards and metal detectors.

* No late working outside guards' hours.

While it would have been possible to get around the security if you were inventive enough (e.g. camera with no metal parts) it would be difficult to do so then believably claim it was an accident.

I didn't take the job, because I didn't feel I could be productive with so much bureaucracy.

kavok8y ago

I've worked in financial software and they do block USB ports for any storage device. They block SD card slots too. All work was done on a VM that could only be accessed from the company network and was remotely hosted.

j / k navigate · click thread line to collapse