• Mikina@programming.dev
    link
    fedilink
    arrow-up
    1
    ·
    1 month ago

    We’ve just been told yesterday that to reduce our attack surface, only Edge will be allowed on our workstations. Reasoning is that it’s difficult to make sure everyone is properly updates their browser, and since Edge is handled by windows updates, it’s easier to monitor proper updates.

    While I understand that reasoning, the tradeoff between pretty small risk reduction associated with unlikely attack surface from different browsers, and the massive drop in employee satisfaction, is simply not worth it.