[0xedd]

Wrong. 80% of attacks are social engineering ones. In which an employee is convinced to make a bank transfer, open some document, install some program. From there, often times it's exploiting wide spread software commonly found in large organizations.

Everything you said cannot be further from the truth.

[themacguffinman]

Hence the pre-approved software restrictions. In a locked down system, even the most gullible employee won't have the authorization to "install some program".

I'd also hope that businesses care about more than 80% of attacks, preferably they should care about 100% of attacks. Hence, pre-approved software restrictions.

[ensan]

Wrong again.

The computers in any sizable business already have the pre-approved restrictions set on the OS level. Employers can’t just install any software.

[xxpor]

That's not true at any big dev shop