So my company decided to migrate office suite and email etc to Microsoft365. Whatever. But for 2FA login they decided to disable the option to choose “any authenticator” and force Microsoft Authenticator on the (private) phones of both employees and volunteers. Is there any valid reason why they would do this, like it’s demonstrably safer? Or is this a battle I can pick to shield myself a little from MS?
Actually, quite likely on the spectrum and diagnosed with ADHD (this is a major contributor to my verbosity, so apologies if it comes across as a big rant). I do have a therapist indeed and have found it very helpful - highly recommend it if you’re in need. Not sure why this is relevant.
Maybe we’re hitting a bit of an “impedence mismatch” here. I suspect, partly as you’re coming through from an Aussie instance that it may be partly due to a lack of context on how fucked things are, labor-wise in the States. Healthcare here is tied to one’s employment, intentionally. It is technically possible to get insurance through a public exchange but, practically speaking, it’s not going to do much, especially if one has chronic or severe health problems. Also, we have very poor protections against firings and layoffs (most US labor contracts are pretty well one-sided).
Is work the purpose of my life? Fuck no. I have, however, been repeatedly screwed over, job-wise, by things outside of my control (Recession, offshoring, mergers, untreated ADHD). It is pretty awful, if you haven’t yourself, I recommend giving the experience a pass. This has made me acutely aware of the impact that my actions can have on others, not just the immediate but also the secondary and tertiary impacts. I’m also the primary income for my household, so, that rather raises the stakes a bit.
Put these things together with the fact that I now have have coworkers who will literally die without medical care (insurance through work - so cancer patients have to have a job or a spouse with great coverage) and it should paint a good picture for someone with a healthy dose of empathy. Because of how labor is structured in the US, screwing up in a manner that has a big impact on the company means that I could be killing someone indirectly. Should that kind of thing be an employee’s responsibility? No. But that’s the reality of it. Actions have consequences within the system that one operates in, fair or not.
As for cybersecurity, somewhat fair. I’m not fixated on it but do definitely have a more significant interest than most. With the overall increase in cyberattacks on companies, states, and individuals, I’d recommend everyone being more security conscious.