Lifetime employment if you hear these at an employer
We built a multi-cloud hybrid app
It means they built crap to the lowest common denominator and its going to stay crappy for the rest of eternity because its not using the best of what each provider has to offer. Stay a "commoner" my friend.
Our vendor product unifies security across multiple clouds
More crap that basically holds you back from using the individual cloud provider to its intended design model. And wonder why your developers are asking for *.* IAM permissions within the vendor system.
We have separation of duties via privileged access management
Means they regularly have production outages that last for hours because the right people can't get to the right systems fast enough. Anyone heard of how the developer is going to get a "core" file from a production box? Oh ya, we will happily provide Oracle/DB vendor with a core file, but not our own developers because our corporate policy disallows that (WTF, do people not know that the DB core file will have customer PII data?)
We require all credentials to be rotated periodically
Join their IT call center, you will have a job for the rest of your life as folks forget passwords all the time
We have strong role based access control for all employees
Sure, sure, except the call center staff, they need admin rights to reset everything ;-)
We built our own encryption algorithm which is 100% faster than X
Ya, we just implemented ROT-13 because bit shifting is so much faster than established crypto algorithms.
Our applications require 30ms latency to the cloud/database
Meanwhile there are sftp batch feeds that cannot fail at 4pm ;-)
领英推荐
We have a mandated API registry and strategy within company
Right but you cannot use any random API published within the registry because the BU does not support a company wide authentication model.
We believe in open-source and promote employee contributions
Sorry gist.github.com is blocked for DLP reasons. Also you must review your contribution with our lawyers before filing a pull request. Do the lawyers "git" it?
We have strong DLP controls to prevent leakage of customer data.
Aka, we know dog-shit about what's going on because everything is SSL. (Same people who asked for ubiquitous network level encryption 10 years ago. )
We have a centralized SIEM/SOC/NOC that provides best in class service
Aka, we drop logs and alerts as we are overwhelmed with them and we just practice checkbox security because our external customer and auditor need these systems in place.
We have implemented a zero-trust network
Our printers, fax, HVAC, coffee machines, airplay devices, zoom rooms all run on the corporate network.
You can have either a PC or Mac for work, we want you to be productive
However on the PC we don't give you local admin rights while on the Mac we provide root. BTW: Mac is restricted so you must be a VP to get it.
Hope you all have a good laugh if you made it so far ;-)
Senior IT leader (CIO, CTO), Cloud Transformation, Strategy & Governance, Excellence Healthcare, Financial Service, Retail, Cybersecurity, Board Member, Start-up Advisor
2 年You are on a 'tear' lately with these cringe worthy reads. Thanks!