24
submitted 1 week ago* (last edited 1 week ago) by Zeon@lemmy.world to c/asklemmy@lemmy.ml

I'm working at this health company; it's my first IT job, and I've been here a little more than half a year so far. I do appreciate the opportunity I was given, but man, this place is kind of a wreck. The boss didn't want to upgrade the Windows 7 computer that's sitting on the network and utterly refused to do so. Even with everything that was shown that it could be upgraded, he was pissed, and it took six months to finally upgrade it to Windows 11 with the necessary software we have.

Another crucial issue is that literally the people who work on the floor have FULL ADMINISTRATOR ACCESS to install any programs they want. I brought this up to him, and he said, "We have bigger battles to fight." The computers are literally just "Password" or the start date of the employees. So literally all someone has to do is ask when they started working here, and boom—they have access to their account. We also had local accounts sitting on every computer. He does not want to change any of this.

I am capable of switching jobs. I have talked one-on-one with big figures in the field like Richard Stallman before. I do testing and help port hardware for coreboot/Libreboot. I am also looking into getting my Linux+ (currently only have my A+). What should I do?

(My boss and I are the only two IT people)

you are viewing a single comment's thread
view the rest of the comments
[-] Lettuceeatlettuce@lemmy.ml 7 points 1 week ago* (last edited 1 week ago)

A health company where they have that poor of security practices? Get the hell out ASAP! When they get ransomware, (and they will,) you do NOT want to be on the hook for trying to recover their systems.

Trust me, I had to help recover from a ransomware attack at a small company a while back, it hit early in the morning, I got there a little before 8am once I got the call.

22 hours later, we had only just finished wiping and re-imaging every computer, let alone getting all the software reinstalled, configured, tested, backups re-synced, etc. It took weeks to get everything fully recovered, and that was with a team of half a dozen people.

In the meantime, CYA hardcore. Document all security issues you can find in email and make sure whoever is in charge is aware and is on the email chain. There literally could be legal charges brought up if it's involving private health information.

[-] reagansrottencorpse@lemmy.ml 4 points 1 week ago

I got let go from a healthcare company around the pandemic, for asking if I could work from home a bit.

I had been doing all the back ups before I left. Months later I found out they got hit with ransomware and ended up having to pay it. 😂

this post was submitted on 08 Nov 2024
24 points (90.0% liked)

Asklemmy

43915 readers
1237 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS