Honestly, it’s better to ask what you think is a stupid question, then to not ask and suffer the consequences. As an example: one of the clients I work with recently needed to get a piece of expensive software. Instead of asking IT to order it for them, they went online found a really cheap price and ordered it themselves. Now the company does ALOT of business with a reputable vendor, and gets a discount on this particular package through them. Granted they do not get to order the software for $70 instead of $1,300, but if it seems too good to be true you should always question it. So of course when this software came in, (it was from somewhere in Thailand) it had high quality printed labels, no instructions or serial numbers. When inserted into a stand alone sandbox machine (no way were we giving it access to a live machine on the  network) it had nothing that set off any malware or anti-virus alarms, but did have a crack directory with a keygen in it. Not something corporate IT wants to see in the building. So of course it had to go up the food chain to some of the upper management, and wrists were slapped, reprimands and apologies made. Now one question could have avoided all of this. The question that should have been asked, was “Can we order this through IT?” Sometimes asking a simple question can save lots of headaches and time.

*** This is a Security Bloggers Network syndicated blog from Technomagic authored by David. Read the original post at: https://varne.wordpress.com/2010/07/20/do-yourself-a-favor-and-talk-to-an-it-expert/