Smaller companies, maybe. But bigger companies will have a ‘Security and Compliance’ department which will force everyone to use a company-supported platform. It goes beyond OS too. Unapproved apps, even if you are allowed to install them, may not connect to company resources.
Managing centralized security and device management correctly on multiple OSes must be a nightmare. From EDRs to app and device provisioning.
You should do dev work in devcontainers anyway.
Not that it’s an excuse or that I’m happy with that, but I can totally understand why companies do that, and tbh I’d rather see a properly secured than have the option to run Linux.
But I’m biased, because I used to do Red Teamings, and the things I’ve seen…
Devcontainers work for Visual Studio Code when developers are more than happy to click their way through running builds and debugging problems. But, as someone whose workflow is optimized for the command-line, they can fuck off.
for a senior engineer position though? That seems counterproductive. I would expect it of one of the entry levels or non-it but forcing a windows ecosystem on a development or engineering sector screams red flag to me.
A senior engineer obviously needs (and knows how to handle) considerably more access to their workstation and company IT infrastructure than the average employee. On the other hand, I’ve occasionally read complaints from IT security types about engineers being way to eager too install sketchy stuff.
There’s some truth to those complaints. I might need to try out several libraries and tools to see what works best for a certain use case. Is that new one with 15 stars on Github actually safe? Are all of its dependencies? How many developers perform a task like that in a sandbox? How many of those perform a thorough audit before taking it out of the sandbox?
Smaller companies, maybe. But bigger companies will have a ‘Security and Compliance’ department which will force everyone to use a company-supported platform. It goes beyond OS too. Unapproved apps, even if you are allowed to install them, may not connect to company resources.
Yeah but MacOS has all the same security and group policy controls as windows.
Yeah but managing it fucking sucks.
Managing centralized security and device management correctly on multiple OSes must be a nightmare. From EDRs to app and device provisioning.
You should do dev work in devcontainers anyway.
Not that it’s an excuse or that I’m happy with that, but I can totally understand why companies do that, and tbh I’d rather see a properly secured than have the option to run Linux.
But I’m biased, because I used to do Red Teamings, and the things I’ve seen…
Devcontainers work for Visual Studio Code when developers are more than happy to click their way through running builds and debugging problems. But, as someone whose workflow is optimized for the command-line, they can fuck off.
for a senior engineer position though? That seems counterproductive. I would expect it of one of the entry levels or non-it but forcing a windows ecosystem on a development or engineering sector screams red flag to me.
A senior engineer obviously needs (and knows how to handle) considerably more access to their workstation and company IT infrastructure than the average employee. On the other hand, I’ve occasionally read complaints from IT security types about engineers being way to eager too install sketchy stuff.
There’s some truth to those complaints. I might need to try out several libraries and tools to see what works best for a certain use case. Is that new one with 15 stars on Github actually safe? Are all of its dependencies? How many developers perform a task like that in a sandbox? How many of those perform a thorough audit before taking it out of the sandbox?