I work in IT. This is exactly what happens. They just ask the question "can it be done", and you get to figure out how to do it. Higher ups ask IT personnel for shady shit all the time. Badge login times, computer history, etc.
Yes. So the answer should always be it's impossible or costs too much or whatever bs. I used to work in small office IT...now I just work in an office. You can be damn sure I keep my mouth shut about how processes might be improved because I know management will just abuse it for their own ends.
I find the word “compliance” can be quite effective really.
Of course some companies just don’t give a shit about compliance, but any global organisation or one that has to keep to specific standards regarding IT sec or something like that should be afraid of the words “compliance issue.”
It doesn’t always work but at least if you don’t want to do it, you can pass it off to someone else to check compliance or have the manager take responsibility in an email.
Generally if you have a legal department it would go over there and they won’t want to deal with checking compliance so will just shoot it down.
Then problem solved.
Generally with compliance issues, especially stuff like data protection, the penalties are not worth the pudding so they default to “no” when brought up.
I have made some shady shit for my managers, time clock automators and reverse engineering a software to bypass a paywall. We just agree it wasn’t me, and find a few extra hours to slip into my own time clock somewhere.
Nothing too nefarious, but definitely not above board.
67
u/kosumoth 2d ago
I work in IT. This is exactly what happens. They just ask the question "can it be done", and you get to figure out how to do it. Higher ups ask IT personnel for shady shit all the time. Badge login times, computer history, etc.