So our new director, the 4th in 4 years, thought it was a great idea the people cant get on “every” map on our server. Of course i'm ok that i cant go into the HR map (which i couldnt anyway) but i cant get into directories like transport and service. Folders i ocationally need as an engineer that needs to transport stuff and needs to send people on a service job. But after a big discussion i'm ok with it, i'm just not gonna do that. Just gonna stick my head in the sand and say: sorry mate, cant do that because i'm not allowed to give you a simple transport document.
The people that can get into anything are the “managers”. So my manager and the workshop manager that was once my intern. Now our workshop manager has a burnout and works 2 day and 3 days a week we hire an old employee (also started as an intern that i worked in) that manages the workshop and orders stuff for projects.
Today i noticed that the guy who we hire works on the account of the workshop manager. When i said: “wow, that's not ok.” our current intern said: why? even i know his password. And both are like: yea, but we need his account because we need acces to some other folders.
Ok, so we protect our server so good that i cant even se a damn transport document but someone we hire in and our intern can both just get into the HR folder and see everyone's paycheck?
TLDR; new director makes server more secure by making it less secure.