this post was submitted on 08 Jan 2024
2128 points (97.8% liked)
Technology
60112 readers
2512 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
in my previous job we were allowed to install some old version of firefox through the companys own portal. but we couldn't access internet with it because "firefox is vulnerable". they use google suite so chrome was the default browser, but edge worked too and even IE...
Most companies now are being shepherded into Microsoft 365's walled garden by their security teams. Edge is the only "secure" browser now, Teams the only "secure" chat app, Microsoft Authenticator (specifically Microsoft's app, not DUO or anything else) is the only "secure" way to implement MFA, etc.
It's genuinely sad how many security professionals have been shanghaied into Microsoft salesmen.
By secure they mean "the only way we can easily see everything you do"
We had IT people in at our shop to migrate us over to 365. They wanted me to install Microsoft Authenticator on my personal phone, so I said no. They were able to bypass MFA to sign me up.
I asked them what would happen if someone didn't own a smartphone (crazy I know), they had no answer for me. They basically just looked at me like I asked them the square root of pi.
That's actually a problem where I work. There are people who carry a flip phone because they don't want a smart phone. IT gives them a hard token for 2FA.