They're likely understaffed. They're also going to want to know why you're using it. My colleagues have had a case of someone downloading some program which was doing something that was already provided. Turned out "ours" was missing some features, so they've changed that.

It can also work as a deterrent. If you know you're going to have to fill out a form, maybe you won't download random stuff unless you actually need it.

I understand understaffed although I think that's when siloes should be broken down so technically apt people across the company can reduce the workload (like by advising on a list of safe software that shouldn't be questioned.)

I don't appreciate the deterrent culture because it's hard to get to point A to point B without some exploration if the company isn't used to trying to improve how work is done, or improve its thinking. The opportunity cost of preventing bright people from exploring is enormous. I understand, though, that compliance and uniformity are high priorities in some industries. (My experience with this kind of IT comes from aerospace and finance.)

Oh, I absolutely agree with this. But I think many companies have a hard time with this.

The issue being that, of course, this exploration may end up badly. See all the supply chain issues which have made it to the HN front page. So some guardrails should absolutely be in place.

I don't know how practical that would be, but I keep thinking we (IT people and adjacent) should possibly have two computers. An "untrusted" one, on which we'd be free to tinker, test new things, etc. No issue with nuking it if anything goes wrong. No access to "important" data or networks. And another, "trusted" one, from which you'd do your admin work, deploy to prod, etc.

I would love to see the two computer approach be more widespread. I think "one computer per desk" is a major mental hangup. Computers cost a fraction of what they used to compared to salaries and we still insist on a 1:1 ratio.