Re: "All three strains of the spyware slipped into the [..] store before being spotted and removed"
I don't disagree with the original sentiment, but I bet it won't go over well because you're leaving out the other side of the coin. Every time a tech person does prevent a problem, nobody knows. Every time a user's action could lose them their files but something the IT department put in place prevents the loss, people continue on. But every time files are lost, whether the IT department could have done anything about it, they get the blame. Think of it this way: if a plumber does work well on your pipes, you won't need to call them in a while. But when your pipes break, you don't immediately blame the plumber; you just call them to come fix it. IT doesn't get that level of respect most of the time.
Biting the hand that feeds IT
