> Maybe do a thorough background check. I’m unfamiliar with Linux operating system but could it be used to hack and bypass windows based security systems.[0]
That's just plain funny. People like this are why so many view HR as the enemy.
This is reasonable in a way. I don't think the person who commented this originally understands why, but still...
Larger companies often use remote device management / monitoring. Not being a part of the system means you won't get the same enforcement on updates, firewall, internal ssl certificates, etc. It's not strictly bypassing, but it's potentially not complying either.
> Not being a part of the system means you won't get the same enforcement on updates, firewall, internal ssl certificates, etc. It's not strictly bypassing, but it's potentially not complying either
A good company makes sure you can't bypass it.
On our platform if your computer is not managed you're not even getting on the network as it requires an automatically issued certificate for wifi and in most cases for the wired network too.
All the cloud services like MS365 we use will block you from logging in too. If you're managed but stuff is out of date you're rerouted to a mitigation subnet that just offers resources to fix it.
And we're not even a high security company like financial, military tech or healthcare.
We do support PC, Mac and Ubuntu and RedHat Linux though.
Apple management has been possible though MDM profiles way way longer than 2021. I set up complete management for our Mac fleet since 2017 and it was already around then.
I'm highly suspicious of these kind of posts. They remind me of the old "Ask Alice" in the magazines, with all kinds of wild and outlandish questions to which there was always a "perfect" response.
I.e. I think they are made up situations for karma.
I agree. This post has so much visibility on Reddit and HN. The manager is openly discussing terminating the employee with strangers online. The situation and the details are so specific. If this is real, the employee is likely to find this post, or the HR department.
How does a qualified manager think this is at all okay?
I've been thinking a lot about hiring recently. Friends and acquaintances often tell insane stories about their workplaces, and inevitably the problems all stem from poor hiring. The specific request in TFA is insane and shouldn't be entertained. This doesn't mean the employee in question is bad, but, in general, when you entertain requests like this you're bound to pick up a few bad eggs. When you build a team, you want to ensure that everyone has the right mindset. This means people with little ego who are willing to put aside their personal differences to do what's best for the team. Starting your employment with a bizarre religious exemption to using Windows does not illustrate that in the least.
There is also the related question about why the company needs this employee. What I've seen is that such red flags often come up in hiring. Good managers recognize that there is a potential culture fit and pass without losing any sleep. Bad managers, those who obsessed with increasing their headcount, are willing to ignore such signal. They're willing to sacrifice the quality of the team, its output, and the company at large for their own personal gain.
> They're willing to sacrifice the quality of the team, its output, and the company at large for their own personal gain.
I could write a book about it over just what I've seen with my own eyes for 30 years. I wish someone would have forced me to see that, when this happens, it's almost always because someone is making a _conscious_ choice to do so, NOT because "they're stupid." It would have saved me an unbelievable amount of time and frustration, trying to "correct" their thinking from a place of naiveté and best intentions. My personality is such that I couldn't conceive that this path would have been chosen, as I thought it would be (in essence) "evil." Really, it's just another strategy for whatever "success" they can achieve, by people who don't have any of the other tools at their disposal. It's sad, but it's a fact of life and the nature of the human race. Once you can understand this, it's easier to recognize it, and just route around it. It took me 20 years to get it. I hope others fare better.
Just wipe the laptop and let them install Linux, but make it very clear that it is not supported and they'll have to find out how to do everything themselves.
If they can, great, no problem, if they can't, they can be fired for failing to do the job, not for refusing to use the provided system.
Definitely shouldn't do this unless the company's IT department already supports Linux. Configuring Linux, securing it, tracking it, managing it, all for one person is a huge effort.
For example connecting to an enterprisey VPN solution integrated into AD to access your exchange mail. Your options here may be limited to: install a supported system, or reverse engineer the provided configuration and pray you're a good enough expert in IPsec, Kerberos, and emulating a custom 2fa app which relies on secure boot and keys in TPM. Your onboarding starts tomorrow... and go!
From the policy side of things, you may run into "your laptop is not reporting that the latest windows or macos patches have been installed, you're required to have them installed".
The enterprise-y stuff isn't getting easier. My last Corp job, the VPN wouldn't let you in unless the active Win64-based agents were installed, alive, and scanning every file you create, download, or delete.
It was way easier to accept the Windows laptop and just run Virtualbox all day long in full screen.
Well duh.. The company is responsible for its security and data privacy (think millions in GDPR fines). In order to do that they need to be able to secure the system, mandate patches, monitor suspicious behavior using EDR/XDR etc.
This sort of thing is not optional anymore and just dicking around with an unmanaged laptop and copying stuff onto unmanaged drives will be more and more difficult.
This stuff is not because of distrust or to make your life difficult. It's to protect the company and its customers.
What they should do though is support all business required OSes, not just Windows. Our company is pretty good at that and despite me doing all the work on managing non-windows compared to entire teams of Windows management people it works pretty well and users are happy :) Though I recently moved.
Not always about the amount of security software they have to deal with but these are just needed in this day and age.
I do understand your frustration though, as most enterprises don't care about developers if they're only a single-digit percentage of users, and have terrible IT processes like ITIL.
DLP snoopware for me. We actually need to be able to demonstrate that we know where the sensitive data is and is not. We have a metric for unsupervised devices and we need to keep that number as close to 0 as possible.
2ndly, there is the nature of what the company does. If you are at a software engineering company, chances are you can just grab any linux lappy and get to work because everything you need is covered.
If you are at a software consuming company, you are at the mercy of what your LOB apps support. Software that has this kind of company as its customer either only targets windows or only targets web browsers (and even web apps somehow find a way to be windows-specific).
It's usually not that simple. At my company, for instance, a device registered as Windows will be blocked from the network if security updates are not installed within a reasonable period of time, so any non-Windows device needs to be registered as such and it's use justified.
Actually, I rather like TempleOS, one really has to admire Davis' efforts. It must have been a lot of work. I can't but help feeling sorry that we've lost him.
Calling this a "religious reason" may be a bit too far, but using an OS of your own choice is pretty normal, right? I was never forced to use any specific OS wherever I worked, so this all looks very wild to me. Why would anyone care? She's not demanding a costly license from Microsoft, isn't she? And the answers on reddit are such bullshit only "micromanagers" can come up with.
i can't use Microsoft Windows for health reasons. my mental health is severely affected every time i am forced to use Windows. MacOS is not much better though. it used to be ok, but it has gotten much worse lately.
That's just plain funny. People like this are why so many view HR as the enemy.
[0] https://old.reddit.com/r/AskHR/comments/11fueld/ga_employee_...