Even in every non-technical company I have known, except one, has allowed its devs root access on their own machines. I have never needed someone else's password to install software or run Sudo on a work machine.
In the real world, endpoint security is very much a thing, and that means workstations so locked down, you can't even change the screensaver, let alone install unauthorized software.
If you work in health, for all intents and purposes you must be HITRUST compliant, and that basically mandates all sorts of lockdowns and network restrictions. ANYTHING that touches PHI must be airgapped.
> In the real world, endpoint security is very much a thing, and that means workstations so locked down, you can't even change the screensaver, let alone install unauthorized software.
I've been in the software industry since 1989 and I've never worked at a single company that didn't let developers have root/admin on their own PCs. "The real world" is quite a varied place.
It's really not that rare. For sure there are companies (big and small) which have a quite paranoid lockdown environment, but there are just as many which understand that local admin access is quite important for developer productivity and if you have the appropriate network architecture it's no less secure.
> You could also just do all of your development with fake PHI, but I've learned not to tell health people what to do.
Yeah, software companies like Google also lock user private data like crazy. But you can have root access (or at least you could when I worked there), cause for 99% of development, you couldn't touch actual user data anyway.
It really makes the most sense to grant employees the least amount of access possible for them to do their jobs. Anything else is courting unnecessary risk.
