Comment by nostrademons 3 days ago
Somehow I think that the weak link in our government security is at the top - the President, his cabinet, and various heads of agencies. Because nobody questions what they're allowed to do, and so they're exempt from various common-sense security protocols. We already saw some pretty egregious security breaches from Pete Hegseth.
I have never worked in a company where an obviously incorrect CEO-demanded security exemption (like this one) would have been allowed to pass. Professionalism, boards (with a mandatory employee member/representative, after some size) and ethics exist.
30 years in about 8 software companies, Northern Europe. Often startups. Between 4 to 600 people. When they grow large the work often turns boring, so it's time to find something smaller again.
Ah, Northern Europe is probably the difference. This passes all the time in the US. It's probably more common in non-tech companies, as well.
I’m in the US, SE since 1998, startups to multinationals. What the GP said holds true for me too. There are serious professionals in the world - I don’t know why some people want to drag every one else down to the level of the current US administration- they are exceptionally inept.
I used to work devops for a startup. The _only_ person who was exempted from 2-factor auth was the CEO. It's the perfect storm: a tech illiterate person with access to everything and the authority to exclude himself from anything he finds inconvenient.
>I have never worked in a company where an obviously incorrect CEO-demanded security exemption (like this one) would have been allowed to pass
You don't have worked in enough companies then.
Just for the sake of argument, you think anybody would have denied Jobs or Bezos or Musk one?
The phrase ‘Don’t you know who I am?’ Will be taken differently depending on corporate culture.
Why would you? He’s literally the only person ostensibly in charge of the direction of the company. Destroying the company through a security exemption or a bad business deal - both are the leader making a poor decision due directly to his seat of power.
Give sound advice of course, but ultimately it’s the exec’s decision make.
There are many reasons to deny a CEO ... in a good company structure such denials are circled back around to the board for review.
Case in point: Allowing a CEO with no flight training to "have the keys" to the company <rare, expensive, uniquely outfitted, airframe> because they want to take it for a spin.
Sheparding Royalty in Monarchies has been a neccessary, delicate, loaded, and life threatening role for centuries.
Being a C-suite Groom of the Stool isn't a happy job, but somebody has to do it.
Been there. The CEO of an internet security company was the one who clicked on the wrong email attachment and turned a virus loose.
I mean, I don't know if he had a security exemption, or if anyone who clicked on it would have infected us. But he was the weak link, at least in that instance.
whether he is personally and directly responsible for this specific incident, his leadership absolutely sets the tone for the rest of the federal government.
Humans generally find "food safety expert sickens guests with tuna salad he left out overnight on warm countertop" to be a far more damning charge than "fire safety expert sickens ... warm countertop".
Dig up a live mic catching Hillary calling the IOC a bunch of self-serving scum just as Obama was begging them to award the 2016 Olympics to Chicago, and we might call it comparable.
That's also the case in businesses. No one denies the CEO a security exemption.