I am currently employed to develop an entire data analytics system because a government department can't get their firewall rules right.
None of the members of this government department want a bespoke system, they want to use tools they are familiar with but due to the firewall rules this isn't possible.
It truly is fascinating, the world of tools and ecosystems built up to sidestep inane security rules in organizations.
Spoken from experience, this includes things like Anaconda in orgs where devs can’t use just any Python packages, or scripts from the internet copied and pasted into files because the firewall blocks git cloning. One could even consider AWS as a platform for devs to get around InfoSec red tape and have some semblance of control. The goal as a dev here is to fight the fewest fights to make tools available, by getting access to the biggest “bundles” of tooling they can.
In such organizations, there is either no concept of cost/benefit of overly restrictive firewall rules, etc, or the culture is such that the security team has become entrenched and unquestionable.
Can confirm. I’m able to spin up multiple sets of m5.24xlarge without anybody blinking twice, but I’m not trusted to spend money to buy a ballpoint, for which I’ll have to go through the whole PO process.
The disconnect here is unreal.
When the only tool you have is a hammer, everything by necessity becomes a nail.
We are required to use some internal assets, so I am using a combination of Flask, our "workflow execution platform", and some Amazon EC2, S3 and Glacier on the backend. Angular and a few data viz libraries for frontend.
None of the members of this government department want a bespoke system, they want to use tools they are familiar with but due to the firewall rules this isn't possible.