On one of my largest projects the IT dept made bulk orders for hardware and doled them out to new hires. 18 months into our new project someone’s hard drive died.

Everyone acted like his dog died. I said no problem let’s go through the onboarding docs. The longest step by far was that the company mandated Whole Disk Encryption but IT hadn’t put it in their old inventory yet. So that was 2/3 of setup time. We found some issues with the docs and fixed them.

Every two to four weeks that summer, someone else’s drive would go. You see, we got all of these machines from the same production run. So the hard drives came from the same production run, which was apparently faulty. The process got a little faster as we went. By the end of the summer it was my turn, and people still looked at me like I needed condolences. I got a faster machine for a few hours worth of work. I’m not sad. All my stuff was in the network already. I lost a couple hours’ of work, tops.

I thought this was a typo at first. Love this as an engineering koan.

With today’s software for managing corporate machines, and corporate VPN with network security and firewalls abound, anything and everything can be seen.

I have a joke Wi-Fi name that I’ve even considered changing (or at least create a guest network) just to be safe. It’s likely overboard, but I like the idea of just mailing my laptop if I change companies, and no worries at all

3 -> 2 means you now only need two people to be hit by buses to ruin your project.

There are very few machines in the world that are actually mission critical, and you might not be able to do that (although for them, you can probably switch components with it still running). Anybody else, you are just betting your company on the lack of fires, hardware failure, etc.

There's a huge red flag. "Private stuff" (embarrassing or otherwise) shouldn't be on company machines in the first place.

However if anyone touches my computer: don't you dare f*%king touch my private key.

(ditto for my browsers sessions database, google cloud credentials directory etc;)

I'm paranoid about it, but not enough to buy a yubikey, apparently.

But if those keys (or passwords, etc.) are generated for work purposes, I consider them to be as much company property as the machine itself, so I'm no more protective of them than I am of any other sensitive company data.

How do you feel about giving your colleague your password?

My personal opinion is that I can hold someone legally culpable if their account does something like leak financial information; you have a professional responsibility to secure your account from absolutely everyone.

Administrators acting on your account must of course be heavily logged and audited, which is the case.

I usually don't, mostly just out of good security habits, but also because most employers specifically prohibit doing that.

Almost always, your colleague can be given his own access to whatever the password is for anyway. If that's not possible, then I'll share the password and change it immediately after my colleague doesn't need access anymore.

> you have a professional responsibility to secure your account from absolutely everyone.

I agree -- that's part of treating credentials the same way as all other sensitive company data. But it's still my employer's data, not mine.

If I quit the company or if my supervisor wants to see the contents of my machine, I'm fine with that. The machine and everything on it belongs to the company anyway.

They tie to your identity, thus you must not treat them the same as company secrets, they are professional personal secrets which should not be disclosed or allowed to fall into anyone elses hands (less they be revoked and cycled).

It's not just good security posture it could affect your career quite badly or lead to legal issues.

> thus you must not treat them the same as company secrets, they are professional personal secrets

They are company secrets that are tied to my identity. The company owns those secrets, not me. Just like my keycard to get into the building.

I think given the context of the thread (don't touch my secrets), saying that you don't have anything you would consider confidential towards your employer or colleagues is a direct contradiction to what I stated.

That's why I'm "arguing" because my employer/colleagues should not have access to my private key, ever.

There are several very legitimate times when my employer needs to have access to my keys. If I'm leaving the company, for an obvious instance.

But my core point is that such keys/passwords aren't really mine, they're the company's and in the end, the company gets to decide what I'm to do with them.

I think the building access keycard is a perfect analogy. I'd never let anyone borrow mine on my own volition, but if the company wants to retrieve it from me, that's their prerogative. It's theirs, after all.

There are exceptions but the circumstances where an employer would need to retrieve my keys without my assistance are extremely rare and in those instances it’s unlikely I’d still be an employee anyway.

The handing of the keycard is necessary to ensure it's destroyed and can't be used as a "proof" you work somewhere (most access cards these days have your name, face and the company logo printed on the front).

The keycard will be removed from the access list to the building even when it's destroyed, they're not considered reusable by most companies.

Your private key is not reusable, it should be destroyed and revoked from all system when you leave a company.

Aside from a third party attacker (which is well-covered by my normal practices), that's a threat model that I'm personally not worried about at all, really. In part because I've never seen or heard of that happening and in part because if it did, I am confident that there are enough records to be able to prove it.

By default this should be what is happening on all but the most ephemeral of machines/testing platforms/etc. And even then if its a formal testing system it should probably be integrated too.

Directory service integration BTW is the one feature that clearly delineates enterprise products from the rest.

I'm fine with that, but I still will not share my passwords. I'd be happy to reset the passwords for them if they can't access the data by other means, but as another commenter pointed out, the fact that anything needs to be recovered from my^H^H not my laptop indicates mistakes were made.

Touch the computer, sure, but please don’t touch the screen with your filthy grease fingers.

Yeah, it's not like that part of the story was condensed and might have left out a bunch of details that weren't important to the story. So let's give OP a hard time and make judgements about a situation for which we have not even the slightest bit of context.

(For what it's worth, I'm American, and I disagree with your assessment. We don't know how long the person was given to make progress, and we don't know what was communicated. To conclude that a two-week period without a commit represents the entire period between the start of the poor performance and the termination is, well, a bit out of the blue.)

When I was hired I was told he was a problematic hire, that hadn't produced anything for long before my arrival. It was basically "We already know we're going to probably have to let him go but if you want to try to work around it, be my guest". I did try to go in with no judgments, as I always do, but he refused help, and refused to even let anyone look over his shoulder and find why this task was taking an order of magnitude too long.