After self hosting several services for a few users, with SSO, backups, hardware issues etc, I really appreciate how good the IT was in my old company. Everything was connected, smooth, slick and you could tell it was secure. I had very few issues and when I did, they were quickly solved. Doing this all at scale for thousands of employees spread across the world, it is a wonderful sight to see.
Now at my current company, it’s at the opposite end of the scale where I almost believe that I could do a better job by myself! They’ve trying to do everything you would expect but somehow doing it wrong. They are so heavy on security I have a Citrix environment that takes me 3 logins to get to, fails constantly and means I can’t work without internet (like on a long train journey for work purposes recently), and on the other hand they’ve only just turned off admin rights for users so we could’ve installed anything we wanted!!! All our attachments (incoming and outgoing) are saved to a secure website (like OneDrive) and replaced with a link. It doesn’t save the file names on the email so it’s really tricky to find old emails if it’s a document you’re looking for. I could go on but just venting at this point as it’s so frustrating!!!
Thank you to the good IT people out there. Your roles are so important but not appreciated enough!
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.
Rules:
Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
Big international corporate, IT security hired by personal connections instead of skill, IT security never worked in daily business.
The fun thing is, that they refer to NIST guidelines. Which is even funnier because NIST says 12 digits are enough, user-generated 8 digits are fine, no complexity rules, and password changes only “when necessary” (i.e. security breaches).
https://sprinto.com/blog/nist-password-guidelines ff.
Or they work in a regulated industry that requires pseudo-airgapped machines for remote users, e.g. the machine actually interacting with the systems needs to be within the controlled boundary but the company has a presence in multiple locations, so the solution is to have a Citrix server that the users remote into. But because the SSP also has access control requirements at every stage that take a long time to get updated to newest industry standards, the user still needs to have passwords rotated, MFA, and all that kaboodle.