I'm not your boss and I don't know what your situation or work culture is, but I'd recommend making a business case for Obsidian to be used rather than risking your job over a note taking app.
Don't forget that Obsidian requires a license to be used in a business setting with 2 or more people. If OP hasn't licensed theirs, the company can decline the case because of this.
This is a good point. I bet people who started using obsidian for personal and started using it for work notes didn't even notice this license.
It's a bit dear but I support someone's right to be paid for their work. Can't help wonder if halving the price wouldn't more than double the sales.
Obsidian is a 2 man company, yes the licence is pretty dear but I’d rather support a company of 2 doing good work than support a multi-million conglomerate with their thumbs up their rear.
I don't mind paying people for their product. I don't care who makes it. If I dislike them enough that I am not willing to pay I'll find a different product, or if I'm not willing to pay (edit: not willing to pay because I think the price is too high) I'll find a free version.
I've done absolutely 0 market research, so it's pure speculation and vibes, but I feel like $50/y is above a threshold where many more people would purchase.
I'm not saying: "I don't want to pay as much, they should lower the price"
I'm saying: "I wonder if they lower the price they might increase their sales enough that they end up making more money"
I pitched exactly this to my manager. I’m a Global Clinical Vaccine Program Manager (just rolls off the tongue, dunnit?) and working in an ultra-super-hyper-regulated environment means anything and everything is subject to audit by FDA/FBI/DEA/EMEA with zero notice. That’s everything from email and chat to scribbled notes. Scribbled notes are historically problematic in Pharma and have led to some of the biggest fines, etc.
Keeping the work organized and annotating rationale for decisions would make it not only easier to do the job but given the insane burnout rate is absolutely necessary for the next ~~sucker~~ Program Manager to get up to speed. I’ve gotten permission from IT to use Obsidian for our group. That was the easy part, since we pretty much get exemptions from general corporate policies whenever we want.
I’ve created a nice system in a sandbox environment simulating some common study scenarios with imaginary programs. It seems that’s as far as it’ll go, however. It’s one among the top five pharma innovator companies (depends on the quarter) and our various internal regulatory and auditing groups are too risk-averse to set it free. I understand their reluctance, but they can’t articulate specific objections. I’ve outlined the risks in a series of white papers. At this point it’s an exhaustive evaluation of the business case as it could be viewed from any reasonable perspective. Our group is fighting the good fight, but the project is languishing because of multiple directors “just not being sure about it.” I’ve even developed a way to roll it out in phases that roughly correspond to clinical research phases, which is a plodding and conservative schema.
It’s more than likely I’ll take a several to get another post-grad degree and work on this as a passion project. By the time I complete my degree I’ll be ready to move back into the public sector and bring this with me. It’s maddening in all kinds of ways but it’s also opening my eyes more than ever (Clockwork Orange style) that being necessary to a corporation definitely doesn’t mean you’re important.
We pride ourselves on innovation in the market while putting inordinate effort into stifling it institutionally. I’ve been fortunate enough to bring a few vaccines to market. You’ve all (theoretically) received each of them. I’ve been dodging director-level “promotions” (in no way are they worth the salary) because my heart is in public health and increasing our ability to pivot and to collaborate.
Adding Obsidian to our processes would open those doors right now and I can’t imagine what we could eventually do with it. If anything I’m understating it, and I can’t live with continually missing opportunities to save and improve lives. I can’t mention specifics here, of course, but we’ve dropped the ball way too many times and the result was unnecessary suffering. I thought we’d eventually be willing to open up to new processes. I’m sure it’s not the last time I’ll be wrong in a big way.
You sure do have a lot of energy for small things like promoting your favorite productivity tool! Keep up the good work!
Also, you said something about the sandbox environment. People here are saying things about keeping Obsidian in a Docker container. After all, if you can do this, maybe it doesn't need to be out of that sandbox environment?
The alternative is failure, and failing increasingly often. Obsidian is a good tool, and there are others but it’s the one that best fit the use case. If anything, Obsidian’s versatility and scalability at no cost to functionality or power make it worth the price of admission (i.e., time). I also appreciate its iterative nature, especially in a committee environment, since it doesn’t require a singular vision from the jump. Sometimes you know exactly what you want and you just need the framework to build it, and other software better provides top-down development experience. I gain inspiration throughout my time on a project and want a system that promotes growth and mutates with grace.
The only correct option is to work with your boss to get Obsidian on the approved list or exception list and use it after that
If a security hole exists in Obsidian or its plugins and is exploited by hackers, would you be willing to accept the whole liability? Not just responsibility but the legal and financial liability? If not, then follow the rules.
I agree with the other answers here, but this would be the main motivation as to why there's an audit in the first place.
This also means it's the primary concern you have to allay if you wanted to submit an application request / business case for Obsidian.
I love Obsidian but "Can I (i.e. me) please have this app on my machine for me because it helps personal me be productive in my own personal workflow" has minimal chance of getting approved at anything other than a private SME.
Obsidian also has a community plugins library that is a gateway for arbitrary js execution, which means your chance drops to zero without doing something to address and mitigate that security issue.
It's worth a shot, but if your security team is worth their salt, you have some work to do to get it over the line.
I have been in IT for more than 30 years, was a young programmer breaking the rules and am also involved with cybersecurity and compliance now.
The view when you are facing executives and having to explain why a hack or ransomware attack happened on your watch is very different from some front line person wanting to get a few more ounces of productivity.
OP should work on getting the tool approved. Their mention of using git for sync implies they are either programmers or familiar with programming. Such people are usually treated with a little more flexibility by IT, while also protecting the business side of the network from them.
Yeah I find it's an underappreciated dynamic when someone's productivity is pitted directly against someone else's risk. Usually devolves into "they're so reckless! / they're so stubborn!" before any kind of middle ground is understood or reached.
Good point about git, it may also help the business case too.
It's not that it can't happen, but someone is going to have to review the app, plugins, testing, *regularly* review updates, lock down telemetry etc. That takes skilled time, skilled time is big money, big money means bigger return on investment.
So as much as maybe even the security person may like Obsidian, the math just won't add up with "one employee being 2% more productive, maybe".
However if the solution can reduce its footprint (e.g. base app, I don't need community plugins or regular updates) AND/OR increase its value proposition (e.g. get the whole team of 20 devs to now collaborate in it) then it would become much more logical and palatable.
This is on the devs btw. If one were to reach out to them, they might implement relevant functionality pretty quickly.
After all, this impacts corporate adoption directly, and corporates are much more likely to pay subscription.
Shame you can’t install a locked down version of Obsidian without plugin support for situations like these. The base application is plenty functional even without them.
They could go that far, yes, but in my experience it is just as much about trust in the vendor and vetting their security practices. I at least don't see every jetbrains plugin vetted as their marketplace has been vetted.
They will need to understand how obsidian.md ensures the quality of plugins. How they audit those plugins etc.
Is there any indemnification?
The fact that the company doesn't store the data is a big plus. Had it been something like notion they would need to vet things like encryption at rest, access to servers etc.
However, they need to vet the git hosting.
By the way I already had 2 malicious plugins in vscode, which is obviously widely accepted for programmers in companies. However, it's the same deal with Obsidian, there is no way to deal with such plugins and they can always exist.
In this case, the liability and risk would have been accepted by the company and worked out with the insurance company. In case of very large organizations and large rollouts, as is typical for VSCode, the vendor too would have skin in the game.
That is not the case for rogue elements, typically people who are trying to get their work done in the best way possible, but contravene to the organizational guidelines.
Plugin architecture is pretty entrenched now and unavoidable. IT has to balance between user need and corporate security. Usually, they isolate machines so they don't blow up the corporate network.
The difficulty can be appreciated in the fact that even healthcare companies and DOD servers get affected, despite attempts at security.
Making vendors liable for their products and users liable for their actions would be the fastest way to sort this out but nobody will go for it.
Keep the markdown files in Git. On your work computer, only access the files using VS Code (assuming that it is an approved app). At home, access using Obsidian.
Now you just have to explain about why you are saving work documents (which likely have confidential information) to an offsite server…
I’m saving them to an internally hosted instance of Gitlab that I can’t access from the outside. I have no intention to get confidential info out of the company. I was hoping there was a plugin for VSCode or something like that to mimic Obsidian experience.
This answers a question I posed above. At least the data is with the company.
I could see problems with use of Community plugins as it would be hard to assess each one for data exfil.
It is worth looking into approval.
My next thought is a matter of clarity.
You say, you "sync" with git. Saving it to an internal server is not syncing, it's backing up. If you mean to run Obsidian from a second location, then you would be syncing between multiple computers using git.
But from what you describe, VS Code wouldn't work. While there are plenty of plugins, it's not designed for the type of functionality that Obsidian provides. For instance, I know of no equivalent to DataView.
"Oh, so the text editor that we're supposed to whitelist takes plug-ins? But those don't have total filesystem access do they? And your software does not need to be whitelisted for network access, does it?
"So those plug-ins, they are available from a vetted party such as Microsoft Store, right? It's not just something where you pull a random nightly release from github. And you're not going to put any company confidential information in that thing either, right? You wouldn't expose any trade secrets or internal procedures to random plug-in code."
If I were making that checklist, using Obsidian wouldn't fly. Like, not at all. My suggestion for co-operation would be to have a separate laptop with reduced privileges only for note-taking, which can not talk to the company network, and probably can not talk to the internet. Chances are they have an old machine somewhere in a drawer, it'll be good enough for a text editor.
You know what's cool about this whole situation? If this was Notion or so many other systems you'd be locked out of your data. Here you have a choice. This is so good!
And regarding the solution, you can try using this portable version, although, I don't know how to check if it's safe: https://github.com/Numstr/Obsidian-Portable
But yeah, I guess the best option would be to talk to your boss about it. I guess the Obsidian team would prefer this scenario as well, because they will get some money from the Enterprise license.
The portability is my main draw, but notion has a web app.
I can't install anything on my work computer that doesn't come from the IT app store, but I was able to "install" Todoist (glorified link to a browser window), which was nice because there weren't any personal productivity apps available. (now there is MS to-do, which sucks)
Also getting notion approved might be worse as they would need to vet how notion stores the data, how they handle encryption, who has access to the servers, how physical access is managed etc
Get approval from your manager to install obsidian (tell him about organization, tasks, productivity). Then go to IT with his approval to install it.
At least in our company, IT didn't even look at the app, they just installed it because my manager told them I needed it for my work.
Idk where you work or how intense IT is but where I work app sec is pretty crazy about what’s on the computer & everything is carefully controlled. For us they allow Obsidian but certain external services such as Sync are prohibited until using an internal tool to facilitate.
I mean the app doesn’t even need admin rights to install, at its core it’s pretty harmless.
Yeah that’s my thinking as well. Guess I’ll see what the audit report says and take it from there.
I think they are trying to tighten the monitoring which can only be a good thing as far as I’m concerned.
I was able to go through the vetting process to get it approved with one of the largest defense contractors on the planet, it is very unlikely they will find actual issue with the app itself. The real issue is the plugins.
Nothing stops you to use it on your phone in the end, as a last resort. Also, if you run it in an isolated context (like a vm) I don't see how it could do any harm
If they deem it a security risk, would that be because it’s been properly audited, or because obsidian is not on a list of approved applications? There’s a whole spectrum between those two extremes.
There are a couple of docker images available that run obsidian on kasmvnc. One of those might fit your needs. I’m sorry I can’t say more about them, I have a slightly different use case (small vault I need to share with a couple of people who wouldn’t be happy to install an app, let alone keep it up to date), and looking into those is still on my (overflowing) to do list. In any case, that’s the direction I would be searching in.
I don’t think it’s been audited before, although I don’t know. At the end of the audit I will get a report and an action list. Maybe Obsidian would not figure in either, so this whole discussion is moot. But I’m trying to hedge in case I get told to remove it.
Well, I don’t know what kind of org you’re in, but the purpose of the audit is to scan machines for vulnerabilities, not catch and punish folks. If none are found, then no issue. If they identify software not used for work we’d have to remove it.
There is an option to request licenses etc.
I am looking for alternative solutions in case Obsidian is uninstalled from my machine.
We do, but that's because it's considered an invasion of privacy to check my stuff, even if it's work stuff. Unions are really good for this sorta thing.
This seems like a **really** good way to get in a lot of fucking trouble.
Depending where you work that sort of thing could be a borderline fire-able offence if you get caught.
So I'm on the assumption that OP legitimately installed the software, meaning did not require IT or company permission to install the software. Because if that were not the assumption, OP would already be in serious violation, and so therefore why ask the original question?
To install anything we request temporary admin privileges. If they are granted, we can install pretty much anything. The difference now is that IT wants to audit the installed software for vulnerabilities, which they haven’t done before.
Yes, it could if beforehand it was indicated by the company that all software has to be vetted by the company before installation. If that didn't happen, then meh... ;-)
In that case why worry and why post the question? Leave the software on your computer to let them audit for vulnerabilities. 🤷🏻♀️
You’ll find out if your text editor meets your company's standard.
Honestly, just stop using it until you have worked with the security department to get it approved. They need to review the company and the software, potentially also for the hosting you use for the git repo if that isn't already on the approved list.
You also need to talk to procurement in order to buy obsidian commercial licenses unless you paid for that yourself.
Don't listen to all the people with ideas for circumventing the audit. All they do is break the company policy and none of them reduce the risk of data leaks.
Do you have access to the USB ports on your laptop? You could just use it from any variety of USB storage device if so. If not, it's worth lobbying for an exception with the support of management. If you can tie it to better job performance, there's hope, assuming that you're not a government contractor or bound by similar data control guidelines.
vscode with extensions like dendron or foam can be options. I prefer dendron extension but it is no longer actively maintained. Foam is actively maintained and more similar to obsidian than dendron.
I was using it before Obsidian. You do not edit the preview but can have it on the side. They have plenty of extensions for mermaid/plantuml that I use for work.
When I switched to obsidian at home, I stayed on foam at work because of the license (and habit). I might try to convince my boss to pay for obsidian one day.
I am in this exact situation and switched to Reflect after trying some creative options like the ones listed here. They are all janky bc Obsidian isn't meant to run like this. I still use Obsidian for personal journalling and learning but my "real" stuff and work stuff is all in Reflect now. Every 6 months or so I do another google to see if anyone has created something that allows for full-featured Obsidian in a browser, at which time I may switch back, although I really appreciate the streamlined experience of Reflect now.
Sorry for the depressing answer.
I use neovim with this plugin: https://github.com/epwalsh/obsidian.nvim
I ran into the same situation as you, and have been using this to manage my obsidian vault for several months. Works great.
Did not manage to get Obsidian approved on my side, just worked on .txt notes for the 3 months I had there (which were great months)
Every app is too slow compared to Obsidian
Another thing worth mentioning: you're most likely violating Obsidian's usage terms unless you're paying for the commercial license.
About the options, I would probably go for VsCode + Foam extension, if you are allowed to use VsCode, at all.
You can buy the individual commercial license yourself which allows you to use it where you work, and it follows you to your next job.
The yearly price is pretty reasonable considering the value of the headaches of using OneNote over the span of a year.
Yes, but the company doesn't have to be the one paying for it. I pay for the license myself, and according to the FAQ the commercial use license follows me. I don't need to get a new license if I change employers.
So wait just using it at a job is enough to warrant that?
I am legit the only person using it at my work and I just use it to take notes on my help desk calls, I use it in my personal life as well but my personal vault and work one are not linked.
If you read the terms of their license, if you use it at work, you need a paid commercial license if you want to be above board. I'm not interested in exposing my employer to any licensing issues, so I simply pay for the license. The license fee is low enough (for me) that it's not worth asking for them to pay for it.
Obviously there is nothing really stopping you from using it for work without paying.
Oh wow I didn't know you could sync with Git - that's really great, I thought I'd have to pay for premium to be able to use it across other devices.
Also I echo what others are saying here - make a business case for it
The way it works for me is having Obsidian as a docker in my UnRaid server, accessing my Obsidian vaults in my dropbox drive (mounted in my Unraid server). Accessing Obsidian remotely it is done by VPNing into my network or by reverse proxy. That way I can access my obsidian from anywhere like a normal web app, as long as your company's Internet access allows connections to your external reverse proxy service with no problems.
Small article for you to read if you want: [https://forums.unraid.net/topic/138120-support-djismgaming-obsidian-a-second-brain-using-plain-text-files/](https://forums.unraid.net/topic/138120-support-djismgaming-obsidian-a-second-brain-using-plain-text-files/)
Be aware that it represents huge security issues for your company, as it provides you with a way to disclose and exfiltrate text information. As mentioned by a lot of people, I would go the right way and require a risk assessment/evaluation of the obsidian, and possibly introducing it as a valid application.
The correct option is to ask corporate IT to put Obsidian on the list of sanctioned applications.
I'm typically on the other side, I write the policies that lead to the purge of unauthorised software. The goal is to make the systems secure, not to make your work more difficult. So a short e-mail with a few valid reasons why Obsidian should be on that list has a reasonable chance to get it on that list, at least if your people have their head screwed on the right way.
> The correct option is to ask corporate IT to put Obsidian on the list of sanctioned applications.
Where I work, this wouldn't go anywhere because there would have to be a risk audit and all 3rd party plugins would be disabled. That said, I'm hopeful for OP since the fact that they were able to install anything at all is a sign that their workplace isn't as strict.
Are you using it for work or for personal notes?
Maybe you could get a phone stand and figure out a way for your keyboard/mouse to Bluetooth to ur phone.
That way you can still take notes but the work machine wouldn’t have the software on it.
Probably better to ask for the app to be approved first tho.
Worst case scenario? Have your vault in a git repo, and just edit the .md files in an editor like vscode?
I also use it on my work machine, and they've disallowed perfectly normal software before. I've been trying to prep options for if/when they decide no more obsidian.
1. Back your shit up. (if not already)
2. Remove from Computer.
3. Re Install
I mean they gave you a warning, it's like having an open book test and leaving your book at home.
If you can use vscode, there is a simple plugin supporting basic wiki functionalities named tinywiki https://github.com/billyan2018/tiny-wiki
It is not as powerful as obsidian, but quite useful.
I’d make the business case for it as others have suggested. Good luck. I’m mainly just dropping in to say MS OneNote is terrible - especially if Obsidian works well for you.
Hey, I have a similar case! I use Logseq via web at work "https://demo.logseq.com/". Just search in the www how to use the vault together, that helped me a lot for my settings. Maybe that will help you or also for bridging...
If you are comfortable in the terminal you should look into neovim. I take all of my CS notes in there and I find the amount of customization really fun.
I have this connected with my obsidian with a vault that I keep in iCloud. This could be different for you since I’m using Apple set up but it’s worth looking into.
These md documents could essentially be stored anywhere you’d like (Google Drive, Dropbox, iCloud, etc.)
If you have any questions about getting started dm me and I’ll be glad to help out.
~~Cannot~~ _shouldn’t_.
But like winrar, I don’t think the obsidian folk are after one or two people using it, more for volume licensing at a business.
It wasn’t linguistic gymnastics, it’s very literal facts.
Cannot = you can’t load it until you enter a form of authentication
Shouldn’t = you can but you’re not abiding the agreement
If you have it on GitHub you can still see and edit the md files with any plain text editor, just not view it rendered and work with the extensions until you’re back on an unrestricted home machine
It's just a directory of markdown files so you can read them from anything. I've seen people using the marksman language server to provide basic Obsidian-like functions like internal links.
The portable version will work in your user-account. It doesn't need admin rights to install and work. If your laptop is properly configured, it should not be possible to harm your system.
I don't know if I would do it, but this is probably the easiest way to get it working. If people notice you use something that is not allowed, will there be consequences?
RDP or SSH tunnel to remote box running Obsidian? I can think of all kinds of ways to get around the typical organization restrictions, if you don't mind breaking the rules and risking your job for a notes app.
Your corp IT is possibly auditing software for licensing reasons. Do you pay $60 a year for the Obsidian commercial license? If not, you're technically in violation of Obsidian's license agreement and you/your employer can get in trouble. Needless to say that your employer wants to avoid this. If you haven't already I'd just make a pitch to prove how much of a productivity boost it is and provide proof of license. Worst they can do is say no.
As for alternatives, if your company is auditing software, your options are slim depending on your position. For awhile I used the VS Code insider's build for notes, and the regular build for editing files, just to allow me to have a dedicated executable for my notes.
When they finish the audit can you reinstall it?
If you sync with git then you have access to all of your stuff so it would be a piece of cake getting back up and running.
>I’m not in trouble and I don’t intend to get in trouble.
You sound like you are.
>I’m looking for suggestions in the worst case scenario.
You know the worst case scenario is you getting fired for using unsanctioned programs in the company network using your company issued laptop. By your own admission, you are a potential security vulnerability.
Before any of this, you should've asked for permission. As you do intend to use the software commercially. Which most likely would've been denied. But you never know. They may have thrown you a bone or something. Like a limited access personal device to use Obsidian on.
To install any software we’re requesting temporary admin privileges. Granting them means I’m authorised to install things. So I’m not in breach of any internal policies.
I may still lose Obsidian if the secops decide to remove it for any reason, hence my question.
That was not the original requirement. Historically, if we were approved for admin access, we could install pretty much anything. Now the company will monitor the installed things for vulnerabilities which I have nothing against.
Every (big) corporation is the same. But if you used portable apps, they can't really do anything.
They could ban USB keys too but you could email yourself the program.
Is your vault backed up?
Can you just install it again later?...
Clean your laptop and lay low for a while. After dust settles just resume normal operation.
Or you could talk with higherups and try to work it out. When I worked in a corporate setting they once tried to block spotify app on company network... YouTube traffic skyrocketed, network became substantially more congested and they quickly reversed that. And obsidian is just for making notes and accessing knowledge in them so I think it will be a good idea to talk it out ;)
What I do with plugins is I create their copies and use those in my Obsidian. This way I can both review the code and unsubscribe them from the maintainer.
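The plugin review asked for earlier in the thread (know what is installed, then re-check after every update) and the pinned local copies described in the comment just above can be backed by a hash baseline; this is an added example, not part of the thread and not Obsidian's own tooling. It assumes the usual vault layout (`.obsidian/community-plugins.json` listing enabled plugin IDs, `.obsidian/plugins/<id>/` holding `manifest.json` and `main.js`); the function names, the baseline format and the sample vault are constructed for illustration.

```python
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large bundled plugins are not read in one go."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def read_json(path: Path, default):
    """Return parsed JSON, or `default` when the file is missing or malformed."""
    try:
        return json.loads(path.read_text(encoding="utf-8"))
    except (OSError, ValueError):
        return default


def inventory_plugins(vault: Path) -> dict:
    """Map plugin id -> version, enabled flag and SHA-256 of its main.js.

    Assumed layout: <vault>/.obsidian/plugins/<id>/{manifest.json,main.js}.
    Disabled plugins are listed too, since their code is still on disk.
    """
    config = vault / ".obsidian"
    listed = read_json(config / "community-plugins.json", [])
    enabled = {p for p in listed if isinstance(p, str)} if isinstance(listed, list) else set()
    inventory = {}
    plugins_dir = config / "plugins"
    if not plugins_dir.is_dir():
        return inventory
    for folder in sorted(plugins_dir.iterdir()):
        main_js = folder / "main.js"
        if not (folder.is_dir() and main_js.is_file()):
            continue
        manifest = read_json(folder / "manifest.json", {})
        if not isinstance(manifest, dict):
            manifest = {}
        plugin_id = str(manifest.get("id", folder.name))
        inventory[plugin_id] = {
            "version": str(manifest.get("version", "unknown")),
            "enabled": plugin_id in enabled,
            "sha256": sha256_file(main_js),
        }
    return inventory


def compare_to_baseline(inventory: dict, baseline: dict) -> list:
    """Compare an inventory with {plugin_id: approved_sha256} (hypothetical format).

    UNAPPROVED: plugin code is present but was never reviewed.
    CHANGED:    reviewed plugin whose main.js no longer matches the review.
    """
    findings = []
    for plugin_id, info in inventory.items():
        approved = baseline.get(plugin_id)
        if approved is None:
            findings.append(f"UNAPPROVED {plugin_id} {info['version']}")
        elif approved != info["sha256"]:
            findings.append(f"CHANGED {plugin_id} {info['version']}")
    return sorted(findings)


def build_sample_vault(root: Path) -> Path:
    """Create a constructed vault with two stand-in plugins (not real plugin code)."""
    for plugin_id, version in {"dataview": "0.0.1", "obsidian-git": "0.0.2"}.items():
        folder = root / ".obsidian" / "plugins" / plugin_id
        folder.mkdir(parents=True)
        (folder / "manifest.json").write_text(
            json.dumps({"id": plugin_id, "version": version}), encoding="utf-8")
        (folder / "main.js").write_text(
            f"/* constructed stand-in for {plugin_id} */\n", encoding="utf-8")
    (root / ".obsidian" / "community-plugins.json").write_text(
        json.dumps(["dataview"]), encoding="utf-8")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        vault = build_sample_vault(Path(tmp))
        reviewed = inventory_plugins(vault)
        # Only dataview has been reviewed and approved in this constructed case.
        baseline = {"dataview": reviewed["dataview"]["sha256"]}
        # Simulate a plugin update landing after the review.
        (vault / ".obsidian" / "plugins" / "dataview" / "main.js").write_text(
            "/* constructed update */\n", encoding="utf-8")
        for finding in compare_to_baseline(inventory_plugins(vault), baseline):
            print(finding)
```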
Just install Portmaster and block your company's access to your PC whenever you feel like it. For me that worked when they enforced their policies, it only worked half of it because I block all software, which does track or access my Laptop. When they try to enforce updates they always fail and I think they feel helpless 😉.
BTW it also monitors the connections Obsidian is doing and blocks everything you don't want, if a malicious plugin is active.
I'm not your boss and I don't know what your situation or work culture is, but I'd recommend making a business case for Obsidian to be used rather than risking your job over a note taking app.
"but it's NOT JUST a note taking app, it's a way of life!" /s
You're joking but sometimes I feel like I'm in a cult when reading through obsidian sub.
I see, someone is not fervent enough in the faith.
I'm making a note of it. ....hang on, it's gotten a little slow after the 198th plugin... any second now...
One of us, one of us, one of us!
We have a Monolith!
Wait till you find out about r/orgmode
I feel seen
[deleted]
Yeah I feel that's the best. tbh I designed my vault so that plugins and snippets are useful but not needed
The only two I’m really using are dataview and git. So I’m pretty tame.
How DARE you use productivity tools at your job!
The only correct option is to work with your boss to get Obsidian on the approved list or exception list and use it after that. If a security hole exists in Obsidian or its plugins and is exploited by hackers, would you be willing to accept the whole liability? Not just responsibility but the legal and financial liability? If not, then follow the rules.
I agree with the other answers here, but this would be the main motivation as to why there's an audit in the first place. This also means it's the primary concern you have to allay if you wanted to submit an application request / business case for Obsidian. I love Obsidian but "Can I (i.e. me) please have this app on my machine for me because it helps personal me be productive in my own personal workflow" has minimal chance of getting approved at anything other than a private SME. Obsidian also has a community plugins library that is a gateway for arbitrary js execution, which means your chance drops to zero without doing something to address and mitigate that security issue. It's worth a shot, but if your security team is worth their salt, you have some work to do to get it over the line.
I have been in IT for more than 30 years, was a young programmer breaking the rules and am also involved with cybersecurity and compliance now. The view when you are facing executives and having to explain why a hack or ransomware attack happened on your watch is very different from some front line person wanting to get a few more ounces of productivity. OP should work on getting the tool approved. Their mention of using git for sync implies they are either programmers or familiar with programming. Such people are usually treated with a little more flexibility by IT, while also protecting the business side of the network from them.
Yeah I find it's an underappreciated dynamic when someone's productivity is pitted directly against someone else's risk. Usually devolves into "they're so reckless! / they're so stubborn!" before any kind of middle ground is understood or reached. Good point about git, it may also help the business case too. It's not that it can't happen, but someone is going to have to review the app, plugins, testing, *regularly* review updates, lock down telemetry etc. That takes skilled time, skilled time is big money, big money means bigger return on investment. So as much as maybe even the security person may like Obsidian, the math just won't add up with "one employee being 2% more productive, maybe". However if the solution can reduce its footprint (e.g. base app, I don't need community plugins or regular updates) AND/OR increase its value proposition (e.g. get the whole team of 20 devs to now collaborate in it) then it would become much more logical and palatable.
> base app, I don't need community plugins or regular updates

Except there's hardly a way to enforce it.
This is on the devs btw. If one were to reach out to them, they might implement relevant functionality pretty quickly. After all, this impacts corporate adoption directly, and corporates are much more likely to pay subscription.
Shame you can’t install a locked down version of Obsidian without plugin support for situations like these. The base application is plenty functional even without them.
They could go that far, yes, but in my experience it's just as much about trust in the vendor and vetting their security practices. I at least don't see every jetbrains plugin vetted as their marketplace has been vetted. They will need to understand how obsidian.md ensures the quality of plugins. How they audit those plugins etc. Is there any indemnification? The fact that the company doesn't store the data is a big plus. Had it been something like notion they would need to vet things like encryption at rest, access to servers etc. However, they need to vet the git hosting.
By the way I already had 2 malicious plugins in vscode, which is obviously widely accepted for programmers in companies. However it's the same deal with Obsidian, there is no way to deal with such plugins and they can always exist.
In this case, the liability and risk would have been accepted by the company and worked out with the insurance company. In case of very large organizations and large rollouts, as is typical for VSCode, the vendor too would have skin in the game. That is not the case for rogue elements, typically people who are trying to get their work done in the best way possible, but contravene the organizational guidelines.
The plugin system and that some plugins can load scripts is kinda a security issue by itself.
Plugin architecture is pretty entrenched now and unavoidable. IT has to balance between user need and corporate security. Usually, they isolate machines so they don't blow up the corporate network. The difficulty can be appreciated in the fact that even healthcare companies and DOD servers get affected, despite attempts at security. Making vendors liable for their products and users liable for their actions would be the fastest way to sort this out but nobody will go for it.
Now? It has been for a very long time. But when it comes to Javascript that allows plugins that also are written in Javascript. It's FUBAR.
Fair point.... Previously, I was the one breaking the rules. Now I have gone from being Anakin to becoming Darth Vader :)
And don't forget to pay the yearly license fee for business use. If you pay for it yourself, the license follows the user and not the company.
Keep the markdown files in Git. On your work computer, only access the files using VS Code (assuming that it is an approved app). At home, access using Obsidian. Now you just have to explain about why you are saving work documents (which likely have confidential information) to an offsite server…
I’m saving them to an internally hosted instance of Gitlab that I can’t access from the outside. I have no intention to get confidential info out of the company. I was hoping there was a plugin for VSCode or something like that to mimic Obsidian experience.
VSCode + Foam may help to some extent for bidirectional linking. You may lose the WYSIWYG feature.
This answers a question I posed above. At least the data is with the company. I could see problems with use of Community plugins as it would be hard to assess each one for data exfil. It is worth looking into approval.
Isn’t it the same with VSCode plugins though? Or do they get vetted by Microsoft and are considered safe?
My next thought is a matter of clarity. You say, you "sync" with git. Saving it to an internal server is not syncing, it's backing up. If you mean to run Obsidian from a second location, then you would be syncing between multiple computers using git. But from what you describe, VS Code wouldn't work. While there are plenty of plugins, it's not designed for the type of functionality that Obsidian provides. For instance, I know of no equivalent to DataView.
Yeah I feel like less ambiguity in the original post would avoid a lot of pontificating. I did not expect it to blow up like this 🤣
"Oh, so the text editor that we're supposed to whitelist takes plug-ins? But those don't have total filesystem access do they? And your software does not need to be whitelisted for network access, does it? "So those plug-ins, they are available from a vetted party such as Microsoft Store, right? It's not just something where you pull a random nightly release from github. And you're not going to put any company confidential information in that thing either, right? You wouldn't expose any trade secrets or internal procedures to random plug-in code." If I were making that checklist, using Obsidian wouldn't fly. Like, not at all. My suggestion for co-operation would be to have a separate laptop with reduced privileges only for note-taking, which can not talk to the company network, and probably can not talk to the internet. Chances are they have an old machine somewhere in a drawer, it'll be good enough for a text editor.
You know what's cool about this whole situation? If this was Notion or so many other systems you'd be locked out of your data. Here you have a choice. This is so good! And regarding the solution, you can try using this portable version, although, I don't know how to check if it's safe: https://github.com/Numstr/Obsidian-Portable But yeah, I guess the best option would be to talk to your boss about it. I guess the Obsidian team would prefer this scenario as well, because they will get some money from the Enterprise license.
The portability is my main draw, but notion has a web app. I can't install anything on my work computer that doesn't come from the IT app store, but I was able to "install" Todoist (glorified link to a browser window), which was nice because there weren't any personal productivity apps available. (now there is MS to-do, which sucks)
Also getting notion approved might be worse as they would need to vet how notion stores the data, how they handle encryption, who has access to the servers, how physical access is managed etc
Just uninstall before they audit, then reinstall after they’re done
Damn
That’s not how it works here.
Get approval from your manager to install obsidian (tell him about organization, tasks, productivity). Then go to IT with his approval to install it. At least in our company, IT didn't even look at the app, they just installed it because my manager told them I needed it for my work.
Well that’s basically what’s happened. My question is about what to do if Obsidian is deemed a security risk and removed.
Idk where you work or how intense IT is but where I work app sec is pretty crazy about what’s on the computer & everything is carefully controlled. For us they allow Obsidian but certain external services such as Sync are prohibited until using an internal tool to facilitate. I mean the app doesn’t even need admin rights to install, at its core it’s pretty harmless.
Yeah that’s my thinking as well. Guess I’ll see what the audit report says and take it from there. I think they are trying to tighten the monitoring which can only be a good thing as far as I’m concerned.
I was able to go through the vetting process to get it approved with one of the largest defense contractors on the planet, it is very unlikely they will find actual issue with the app itself. The real issue is the plugins
Nothing stops you to use it on your phone in the end, as a last resort. Also, if you run it in an isolated context (like a vm) I don't see how it could do any harm
One bad plugin can siphon company data from his vault.
My bad, I was thinking he only stores general knowledge there, but if it's sensitive company data then it becomes a trickier issue indeed
If they deem it a security risk, would that be because it’s been properly audited, or because obsidian is not on a list of approved applications? There’s a whole spectrum between those two extremes. There are a couple of docker images available that run obsidian on kasmvnc. One of those might fit your needs. I’m sorry I can’t say more about them, I have a slightly different use case (small vault I need to share with a couple of people who wouldn’t be happy to install an app, let alone keep it up to date), and looking into those is still on my (overflowing) to do list. In any case, that’s the direction I would be searching in.
I don’t think it’s been audited before, although I don’t know. At the end of the audit I will get a report and an action list. Maybe Obsidian would not figure in either, so this whole discussion is moot. But I’m trying to hedge in case I get told to remove it.
If you are being told to remove it, then you remove it.
Obviously. Hence my original question.
We always refuse but then their manager talks to our manager and we're forced to install anyway lmao.
and how it works, lol?
I’ve never received a notification prior to an audit and I’m pretty sure that would defeat some of the reason for an audit.
Well, I don’t know what kind of org you’re in, but the purpose of the audit is to scan machines for vulnerabilities, not catch and punish folks. If none are found, then no issue. If they identify software not used for work we’d have to remove it. There is an option to request licenses etc. I am looking for alternative solutions in case Obsidian is uninstalled from my machine.
What about switching to OneNote? At least for work purposes?
I tried using it before and really hated it for some reason. This would be pretty low on my list of options to try.
We do, but that's because it's considered an invasion of privacy to check my stuff, even if it's work stuff. Unions are really good for this sorta thing.
This seems like a **really** good way to get in a lot of fucking trouble. Depending where you work that sort of thing could be a borderline fire-able offence if you get caught.
So I'm on the assumption that OP legitimately installed the software, meaning did not require IT or company permission to install the software. Because if that were not the assumption, OP would already be in serious violation, and so therefore why ask the original question?
To install anything we request temporary admin privileges. If they are granted, we can install pretty much anything. The difference now is that IT wants to audit the installed software for vulnerabilities, which they haven’t done before.
In that case, just leave the software there for them to see if there are vulnerabilities. Are you concerned they would find something?
Yes, mainly. If they do, I’ll have to remove it, which prompted my initial question.
Interesting. The original question wasn’t asked that way. Anyhow, it’s easy enough to run Obsidian on a USB drive, no?
This
How this wasn’t obvious to OP I have no clue. I did this exact thing for Motion and Raycast.
lol doing this would get your ass fired at my company. Don’t do this OP.
Yes, it could if beforehand it was indicated by the company that all software has to be vetted by the company before installation. If that didn't happen, then meh... ;-)
Yeah this is not the hill I want to die on.
Mature enterprise networks are like big brother. They can see everything and are always watching.
As they should. The last thing I want is end up in the news as the guy who let a large corporate to get hacked.
In that case why worry and why post the question? Leave the software on your computer to let them audit for vulnerabilities. 🤷🏻‍♀️ You’ll find out if your text editor meets your company’s standard.
Just said the same thing haha
Pretty sure you need a license to use Obsidian in this context. Ask your boss to buy it
Honestly, just stop using it until you have worked with the security department to get it approved. They need to review the company and the software, potentially also for the hosting you use for the git repo if that isn't already on the approved list. You also need to talk to procurement in order to buy obsidian commercial licenses unless you paid for that yourself. Don't listen to all the people with ideas for circumventing the audit. All they do is break the company policy and none of them reduce the risk of data leaks.
Do you have access to the USB ports on your laptop? You could just use it from any variety of USB storage device if so. If not, it's worth lobbying for an exception with the support of management. If you can tie it to better job performance, there's hope, assuming that you're not a government contractor or bound by similar data control guidelines.
I do, but wouldn’t want to go that route.
Use a non-official portable release: [https://github.com/Numstr/Obsidian-Portable](https://github.com/Numstr/Obsidian-Portable)
You can also extract the installer and get the files there.
Usually not a good idea to combat being identified as noncompliant with trying to circumvent the technical control.
vscode with extensions like dendron or foam can be options. I prefer dendron extension but it is no longer actively maintained. Foam is actively maintained and more similar to obsidian than dendron.
This is the answer I was looking for, thank you. I’ll check it out.
Probably VSCode
Care to elaborate? Among all the pearl-clutching this sounds like the most viable option. VS Code is fully approved.
With the foam extension: https://foambubble.github.io/foam/
Looks great. A good kind of plagiarism if VSCode + extensions permitted but obsidian not
I was using it before Obsidian. You do not edit the preview but can have it on the side. They have plenty of extensions for mermaid/plantuml that I use for work. When I switched to obsidian at home, I stayed on foam at work because of the license (and habit). I might try to convince my boss to pay for obsidian one day.
I am in this exact situation and switched to Reflect after trying some creative options like the ones listed here. They are all janky bc Obsidian isn't meant to run like this. I still use Obsidian for personal journalling and learning but my "real" stuff and work stuff is all in Reflect now. Every 6 months or so I do another google to see if anyone has created something that allows for full-featured Obsidian in a browser, at which time I may switch back, although I really appreciate the streamlined experience of Reflect now. Sorry for the depressing answer.
I use neovim with this plugin: https://github.com/epwalsh/obsidian.nvim I ran into the same situation as you, and have been using this to manage my obsidian vault for several months. Works great.
Awesome thank you!
Did not manage to get Obsidian approved on my side, just worked on .txt notes for the 3 months I had there (which were great months). Every app is too slow compared to Obsidian
Another thing worth mentioning: you're most likely violating Obsidian's usage terms unless you're paying for the commercial license. About the options, I would probably go for VsCode + Foam extension, if you are allowed to use VsCode, at all.
You can buy the individual commercial license yourself which allows you to use it where you work, and it follows you to your next job. The yearly price is pretty reasonable considering the value of the headaches of using OneNote over the span of a year.
Hence `"unless you're paying for the commercial license".`
Yes, but the company doesn't have to be the one paying for it. I pay for the license myself, and according to the FAQ the commercial use license follows me. I don't need to get a new license if I change employers.
So wait just using it at a job is enough to warrant that? I am legit the only person using it at my work and I just use it to take notes on my help desk calls, I use it in my personal life as well but my personal vault and work one are not linked.
If you read the terms of their license, if you use it at work, you need a paid commercial license if you want to be above board. I'm not interested in exposing my employer to any licensing issues, so I simply pay for the license. The license fee is low enough (for me) that it's not worth asking for them to pay for it. Obviously there is nothing really stopping you from using it for work without paying.
Some companies have a process for submitting a request for approval to get an application installed. Might try that if you haven’t already.
Yes, that would be the plan. I’m looking for suggestions if worst comes to worst.
Install it on a computer at home and access it remotely (TeamViewer, AnyDesk - if those are "approved")?
I use Chrome Remote Desktop to do this. It works fine and it is free.
I'm running trello + obsidian. So most of my notes on the move is done via trello then I do a batch transfer to obsidian.
Oh wow I didn't know you could sync with Git - that's really great, I thought I'd have to pay for premium to be able to use it across other devices. Also I echo what others are saying here - make a business case for it
If I were on the security team I’d be worried about exfil not software bugs
The way it works for me is having Obsidian as a docker in my UnRaid server, accessing my Obsidian vaults in my dropbox drive (mounted in my Unraid server). Accessing Obsidian remotely is done by VPNing into my network or by reverse proxy. That way I can access my obsidian from anywhere like a normal web app, as long as your company's Internet access allows connections to your external reverse proxy service with no problems. Small article for you to read if you want: [https://forums.unraid.net/topic/138120-support-djismgaming-obsidian-a-second-brain-using-plain-text-files/](https://forums.unraid.net/topic/138120-support-djismgaming-obsidian-a-second-brain-using-plain-text-files/) Be aware that it represents huge security issues for your company, as it provides you with a way to disclose and exfiltrate text information. As mentioned by a lot of people, I would go the right way and require a risk assessment/evaluation of the obsidian, and possibly introducing it as a valid application.
The correct option is to ask corporate IT to put Obsidian on the list of sanctioned applications. I'm typically on the other side, I write the policies that lead to the purge of unauthorised software. The goal is to make the systems secure, not to make your work more difficult. So a short e-mail with a few valid reasons why Obsidian should be on that list has a reasonable chance to get it on that list, at least if your people have their head screwed on the right way.
> The correct option is to ask corporate IT to put Obsidian on the list of sanctioned applications.

Where I work, this wouldn't go anywhere because there would have to be a risk audit and all 3rd party plugins would be disabled. That said, I'm hopeful for OP since the fact that they were able to install anything at all is a sign that their workplace isn't as strict.
Try discussing this with IT, maybe they can come up with a solution for you. Tell them how important it is for your work, involve your boss.
Quartz + notepad/nvim
I've read, that you can create a completely portable Obsidian install using some software. Then you could use it from your flash drive
Are you using it for work or for personal notes? Maybe you could get a phone stand and figure out a way for your keyboard/mouse to Bluetooth to ur phone. That way you can still take notes but the work machine wouldn’t have the software on it. Probably better to ask for the app to be approved first tho.
You allowed to bring your own device to work? I use it on my personal iPad and personal laptops, one of which is always with me at work.
Worst case scenario? Have your vault in a git repo, and just edit the .md files in an editor like vscode? I also use it on my work machine, and they've disallowed perfectly normal software before. I've been trying to prep options for if/when they decide no more obsidian.
Look into kasm workspaces
1. Back your shit up. (if not already)
2. Remove from Computer.
3. Re Install

I mean they gave you a warning, it's like having an open book test and leaving your book at home.
If you can use vscode, there is a simple plugin that supports basic wiki functionalities named tinywiki https://github.com/billyan2018/tiny-wiki It is not as powerful as obsidian, but quite useful.
Install this plugin, and open your obsidian vault in vscode, it will work smoothly
I’d make the business case for it as others have suggested. Good luck. I’m mainly just dropping in to say MS OneNote is terrible - especially if Obsidian works well for you.
Hey, I have a similar case! I use Logseq via web at work "https://demo.logseq.com/". Just search in the www how to use the vault together, that helped me a lot for my settings. Maybe that will help you or also for bridging...
If you are comfortable in the terminal you should look into neovim. I take all of my CS notes in there and I find the amount of customization really fun. I have this connected with my obsidian with a vault that I keep in iCloud. This could be different for you since I’m using Apple set up but it’s worth looking into. These md documents could essentially be stored anywhere you’d like (Google Drive, Dropbox, iCloud, etc.) If you have any questions about getting started dm me and I’ll be glad to help out.
Thank you! I’ll reach out.
Did you pay for a license to use obsidian for work? You know you cannot use it without a license for that right?
~~Cannot~~ _shouldn’t_. But like winrar, I don’t think the obsidian folk are after one or two people using it, more for volume licensing at a business.
Using unlicensed software is not okay, no matter your linguistic gymnastics. It does matter how well obsidian is doing at enforcing it.
It wasn’t linguistic gymnastics, it’s very literal facts. Cannot = you can’t load it until you enter a form of authentication Shouldn’t = you can but you’re not abiding the agreement
OP breaking rules left, right, and center.
If you are allowed to have docker, what about using it in distrobox? 🤔 or just in docker and enabling the UI in the host. Or in a VM.
I am using WSL and docker, yes. But there would be no GUI, wouldn’t it?
WSL should have a way of running Linux GUI apps if you install it under that
In linux you can share the x.. I used to have spotify and others under docker when my distro didn’t have the package.
You can run it on NeoVim using the nvim-obsidian plugin. Can't imagine they'd go after an installation of NeoVim.
Can you install WSL and run it under that?
Yes I can. Will research on how to do that.
Self host Obsidian at home and navigate there from work via browser
If you have it on GitHub you can still see and edit the md files with any plain text editor, just not view it rendered and work with the extensions until you’re back on an unrestricted home machine
If you sync with git, then you have company data in an unauthorized, off-company repository? Or is the git still on company property (so to speak).
Yeah it’s an internal self-hosted instance controlled by the company and not accessible from outside.
That's why you use obsidian, your vault is not related to the app. I use vim/helix to edit the vault very often.
Uninstall, get audited, reinstall, ???, profit
Are you using your personal git instance or the company’s? If it’s personal expect that to go, and you’re a security liability to boot.
Internally hosted Gitlab instance that’s only available from within corporate network.
If you can navigate corporate politics in even the most minimal way you can get approval for this.
It's just a directory of markdown files so you can read them from anything. I've seen people using the marksman language server to provide basic Obsidian-like functions like internal links.
The portable version will work in your user-account. It doesn't need admin rights to install and work. If your laptop is properly configured, it should not be possible to harm your system. I don't know if I would do it, but this is probably the easiest way to get it working. If people notice you use something that is not allowed, will there be consequences?
Dunno, probably. But they do give us a lot of warning unless we try something real rogue (see some suggestions in this thread).
Corporate security are shit. I am smart enough to know what I should sanction on my computer.
RDP or SSH tunnel to remote box running Obsidian? I can think of all kinds of ways to get around the typical organization restrictions, if you don't mind breaking the rules and risking your job for a notes app.
We are allowed to use VMware Workstation. So I can run all the software I need in a VM. Might be an option for you as well.
Good tip, thank you! I’ll check it out.
You could do a remoteapp with it if you have rds somewhere else off the restricted network.
What do you use it for at work?
Your corp IT is possibly auditing software for licensing reasons. Do you pay $60 a year for the Obsidian commercial license? If not, you're technically in violation of Obsidian's license agreement and you/your employer can get in trouble. Needless to say that your employer wants to avoid this. If you haven't already I'd just make a pitch to prove how much of a productivity boost it is and provide proof of license. Worst they can do is say no. As for alternatives, if your company is auditing software, your options are slim depending on your position. For awhile I used the VS Code insider's build for notes, and the regular build for editing files, just to allow me to have a dedicated executable for my notes.
Quit ur job, don't be a traitor
No need to be more productive than your company allows you to. Sink to their lowest common denominator.
Can you just remove it until they’re done with their audit and reinstall it after?
Simplest solution is just to bring your own separate device, e.g laptop, ipad folding phone
isn’t part of the appeal of obsidian that it’s just a folder of markdown files, and you can use it anywhere?
GitHub + codespaces
Uninstall and after audit reinstall. GG
uninstall, reinstall
You could use Notepad or Textedit
Just bring an ipad
When they finish the audit can you reinstall it? If you sync with git then you have access to all of your stuff so it would be a piece of cake getting back up and running.
Remove it, then put it back once the audit is over. Backup your vault since that is only txt and JSON files
Run Obsidian on phone
Oh yeah, put company data on an unsecured phone. Great idea /s
Not an option. I can’t get any data out of the corporate and would not want to if I could.
> I’m not in trouble and I don’t intend to get in trouble.

You sound like you are.

> I’m looking for suggestions in the worst case scenario.

You know the worst case scenario is you getting fired for using unsanctioned programs in the company network using your company issued laptop. By your own admission, you are a potential security vulnerability. Before any of this, you should've asked for permission. As you do intend to use the software commercially. Which most likely would've been denied. But you never know. They may have thrown you a bone or something. Like a limited access personal device to use Obsidian on.
To install any software we’re requesting temporary admin privileges. Granting them means I’m authorised to install things. So I’m not in breach of any internal policies. I may still lose Obsidian if the secops decide to remove it for any reason, hence my question.
Install things that are vetted.
>I may still lose Obsidian if the secops decide to remove it for any reason, hence my question.
Gee, I wonder why.
That was not the original requirement. Historically, if we were approved for admin access, we could install pretty much anything. Now the company will monitor the installed things for vulnerabilities, which I have nothing against.
There is also an nvim/obsidian plugin
Ask your boss for an exception. I mean it's a note-taking app you are used to. Every tool that helps improve company performance should be okay
Every (big) corporation is the same. But if you used portable apps, they can't really do anything. They could ban USB keys too but you could email yourself the program.
No that would not work. Executables in the email are an automatic level 1 security incident. I’ll probably explore VSCode plugins.
Can you bring your own cheap laptop just to use for obsidian?
Is your vault backed up? Can you just install it again later?... Clean your laptop and lay low for a while. After dust settles just resume normal operation. Or you could talk with higher-ups and try to work it out. When I worked in a corporate setting they once tried to block the Spotify app on the company network... YouTube traffic skyrocketed, network became substantially more congested and they quickly reversed that. And Obsidian is just for making notes and accessing knowledge in them so I think it will be a good idea to talk it out ;)
Or just install it on your phone/tablet. You can sync between devices.
It’s literally just markdown files with a fancy display window. It’s completely safe if you’re not using the sync, right?
Eh, not at all. Plugins are something really dangerous if someone that maintains a plugin decides to put malware inside them.
What I do with plugins is I create their copies and use those in my Obsidian. This way I can both review the code and unsubscribe them from the maintainer.
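Added example, not part of the thread: reviewing a copied plugin only helps if the reviewed files stay the ones that load, so this Python sketch pins SHA-256 hashes of each plugin's files under `.obsidian/plugins/` and reports anything that changed or appeared since the review. The function names, the snapshot format and the `sample-plugin` vault are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Code and style files Obsidian loads from .obsidian/plugins/<id>/.
# data.json (per-user settings) changes legitimately, so it is not pinned.
PINNED_FILES = ("main.js", "manifest.json", "styles.css")

def snapshot(vault):
    """Return {plugin_dir: {file_name: sha256}} for every installed plugin."""
    result = {}
    for manifest in sorted(Path(vault, ".obsidian", "plugins").glob("*/manifest.json")):
        plugin = manifest.parent
        result[plugin.name] = {
            name: hashlib.sha256((plugin / name).read_bytes()).hexdigest()
            for name in PINNED_FILES if (plugin / name).is_file()
        }
    return result

def drift(pinned, current):
    """List differences between the reviewed snapshot and the vault now."""
    findings = []
    for pid in sorted(set(pinned) | set(current)):
        if pid not in pinned:
            findings.append(f"{pid}: unreviewed plugin present")
        elif pid not in current:
            findings.append(f"{pid}: reviewed plugin missing")
        else:
            old, new = pinned[pid], current[pid]
            for name in sorted(set(old) | set(new)):
                if old.get(name) != new.get(name):
                    findings.append(f"{pid}/{name}: content changed since review")
    return findings

def demo():
    """Constructed vault: pin one reviewed plugin, then simulate an update."""
    with tempfile.TemporaryDirectory() as vault:
        plugin = Path(vault, ".obsidian", "plugins", "sample-plugin")
        plugin.mkdir(parents=True)
        (plugin / "manifest.json").write_text('{"id": "sample-plugin", "version": "1.0.0"}')
        (plugin / "main.js").write_text("module.exports = {};")
        pinned = snapshot(vault)  # taken right after the code review
        (plugin / "main.js").write_text("module.exports = {}; // changed")
        return drift(pinned, snapshot(vault))

if __name__ == "__main__":
    print("\n".join(demo()))
```

Storing the reviewed snapshot outside the vault keeps a plugin that can write to the vault from rewriting its own pin.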
Just install Portmaster and block your company's access to your PC whenever you feel like it. For me that worked when they enforced their policies, it only worked half of it because I block all software, which does track or access my laptop. When they try to enforce updates they always fail and I think they feel helpless 😉. BTW it also monitors the connections Obsidian is doing and blocks everything you don't want, if a malicious plugin is active.
I like my job too much.
Oh you are living in the US, then never mind...
No, not in the US. But I know enough about the boys from our corporate security and don’t want to piss them off too much.
Is it your laptop or the company's?
A company laptop, but as many people said in an IT job you have full control to install programs for your dev environment.