

Nice. So this is all user-based though?
You could do a machine deployment with something like PSADT but it’s probably overcooking it (I don’t really understand when/how it switches from old to new)


Nice. So this is all user-based though?
You could do a machine deployment with something like PSADT but it’s probably overcooking it (I don’t really understand when/how it switches from old to new)


NZ chiming in here. Our right-wing dipshits copying the rolling US-fustercluck are proposing to stop flouridating our drinking water.
I don’t have a career about this argument but thought your ‘civilised countries’ claim was a bit hyperbolic
edit However, I love the thought you’ve put into your username and instance!


Er, no?
Eclipse notes that using a full TPM-and-PIN setup doesn’t help, as apparently, they have a variant for that scenario that they haven’t published a PoC for


Thanks for the sane interpretation of the situation!


I guess this is a question of scale, ultimately.
Good point with raising, though
…and now my popcorn has gone stale. Fuck you guys and your civil discourse!
Fuck yeah


I vote that both are terrible solutions in the wrong situations (as already indicated by the others).
The hard part is getting people to use them properly!
If ‘the business’ has some ownership of their data and its mostly officey-crap, SP is probably fine and it’s easier for them to see that it’s secured and take some ownership of it. Chances are though that lots of the business units has little dips into each others data on the fringes…
(I’m just burned by a multi-TB file share a whole hospital uses where no one owns any of it and it’s a tangled Gordian knot. Goes back decades, sitting on a SAN that doesn’t give much visibility, just de-dupe)
Yes, indeed!
edit but, you know, don’t let that stop you from really fixing it (so hard that it might need some additional remediation afterwards)