i do it at home so why can’t i do it at work?

…because your personal acceptance level (or ignorance) of risk differs from that of the company you work for.

There are always posts about how draconian IT policies are for users, and responses on why it is that way. This well-written article is another example of the justification for IT restrictions.

It is often the job of IT security folks to do and enforce these things, usually as a blessing from upper management. Getting mad at them is rarely going to get you anywhere, just like getting mad a TSA agent. Sorry, they’re just doing their job; take it up with their superiors or the policy-makers. We’re not (always) trying to be sadists.

The end of this article is a key point: “As a user, are you ready to accept personal responsibility if something you want affects the security of the network?”

In the end, it is all just a balancing act between corporate culture (which includes productivity and happiness) and managing your risk. If we could forget all the endpoints and properly secure the important data while letting people all run as local admins, we’d probably do it. Logical decisions are usually easy for us…