One chestnut from my history in lottery game development:
While our security staff was incredibly tight and did a generally good job, oftentimes levels of paranoia were off the charts.
Once they went around hot gluing shut all of the “unnecessary” USB ports in our PCs under the premise of mitigating data theft via thumb drive, while ignoring that we were all Internet-connected and VPNs are a thing, also that every machine had a RW optical drive.
Worked at a medium sized retail startup as a software engineer where we didn’t have root access to our local laptops, under the guise of “if you fuck it up we won’t be able to fix it” but we only started out with a basic MacBook setup. so every time I wanted to install a tool, ide, or VM I had to make a ticket to IT to come and log in with the password and explain what I was doing.
Eventually, the engineering dept bribed an IT guy to just give us the password and started using it. IT MGMT got pissed when the number of tickets dropped dramatically and realized what was going on.
We eventually came to the compromise that they gave us sudo access with the warning “we’re not backing anything up. If you mess up we’ll have to factory reset the whole machine”. Nobody ever had to factory reboot their machine because we weren’t children… And if there was an issue we just fixed it ourselves
Imagine that. IT knowing how to fix the issues they caused. What a revolutionary thought! /s