In companies where executable files are blocked on employee laptops, how can developers effectively run different versions of Python and JavaScript libraries like React? My team consists of a few developers, and we often find ourselves negotiating with IT to whitelist each executable individually. Any suggestions on how to streamline this process?
3 Answers
You can manage user access through application whitelisting and blocklisting. Looking into application control solutions can help. For instance, if you want to maintain security without granting admin rights, tools like Autoelevate or Securden can enable users to elevate permissions for specific applications they need to run.
Using allowlisting for applications is definitely the right move. If you're continually asking IT to add apps one at a time, that's indicative of a larger process issue. Fixing that process will save everyone a ton of time in the long run!
As someone who works in DevSecOps, I've had to deal with this a lot. If you're on Windows, one option is to install Python through the Microsoft Store, which allows standard users to access several versions of Python 3 without admin rights. For whitelisting executables, consider using application control tools like ThreatLocker, which has an audit mode. Run it for a month, analyze the data, and set up a profile to minimize your IT interactions. If you don’t have an audit mode, you'll need to collaborate closely with IT, but it's essential to emphasize that making tools accessible is part of their role.
That's a good point! However, it's also on users to be proactive about specifying the tools they need. Asking for individual tool access repeatedly shows that there may be a communication gap.
Absolutely! Consider implementing tools like Endpoint Privilege Managers (EPM) to help streamline this.