I saw a comment yesterday about how IT admins have to restrict the privileges of other developers on their machines and was surprised by knowing this. I simply thought that employees in the software industry were essentially at equal parity in terms of their departments, and that the admin department was there just to centralise all the work done by other departments and keep track of the status of their systems. I did not think there would be a need to apply childlocks on other employees’ systems as I assumed that a person working at an industry like this would have basic computer literacy to know what is safe and permissible by company policy to execute and what is not.
This may come off as being too naive of me, but I genuinely want to understand how the hierarchy in such a company is actually like. I always thought of workspaces in the software industry to divide labour laterally and there would be no need for administrative powers apart from the management to exist, at least in regard to regulating other workers’ actions beyond normal workspace policies. It would be extremely kind of anyone to shed light on this matter.
From an enterprise security perspective you want to operate with a least privilege model. For developers who need admin access this is typically granted through some just-in-time temporary elevation process, but many developers who are writing code and pushing builds through a devops CICD pipeline may not need admin to do their jobs.