top | item 46057540

(no title)

As a dev currently working at a company where getting an access request fulfilled can sometimes take weeks, I feel this author's pain.

But it seems like an enormous security hole, even with a codeword "password". The author didn't mention it, but I hope they're using whatever version of their company's E2E email encryption is for these messages.

discuss

yabones|3 months ago

Yeah, this is textbook "shadow IT" that could easily lead to something going seriously wrong. It's a fun example, but not something to aspire to.

Ultimately the problem is that in a lot of big corps, IT is basically unaccountable for setting things up wrong. Their only KPI is tickets closed, not the quality or success rate of their fixes.

thewebguyd|3 months ago

I've always felt that if business types can get over their fetish for trying to measure absolutely everything, we wouldn't have problems like these that stem from poorly thought out KPIs.

They default to tickets closed, uptime, SLA adherence as KPIs because you can't effectively measure "is it set up correctly?" and because the business absolutely must measure everything, they come up with bullshit KPIs so they can have a pretty dashboard and pretend like they're actually managing.

Glad I'm no longer in huge corps, but still an IT manager. Shadow IT is a direct symptom of IT not providing the right tools or having poor processes. But responsibility still lies higher up in the chain. If we weren't forced to quantify all activity, these issues wouldn't exist.

fluidcruft|3 months ago

If the author were to pray to the overlord, they might receive the blessings of the holy PGP/GPG order.