I may depend upon the company. I work at a company what writes software for smart phones [1] and we don't have such restrictions. Yet our parent company (we were bought out several years ago) does deal with financial transactions and has all sorts of regulatory restrictions what can and can't be done with computers.
Unfortunately, for some obscure reason, it's only now that we might have to conform to the regulatory compliance issues (no one has been able to answer me "Why now? Why not when we first got bought years ago?") We're trying to fight it but the fix seems to be in.
[1] Enhanced caller ID. Part of our software lives on the cell phone. Part lives on the phone network.
I've heard of it happening in other companies here in Ireland, and our security/infra team at a large multinational keep making appreciative noises towards companies and concepts about locking down end dev user machines and having dev needed stuff happen on VMs. Luckily they've not got their way yet.
It was like this at one of the companies I worked at. All dev desktops were heavily locked down and you had to file tickets to get software installed - sometimes the IT folks would log into your machine remotely and do it from there. It was kinda neat in a way.
Looks like the guy who wrote this works for a UK bank, which kinda makes sense since we all know UK banks suck at IT. RBS, TSB, Natwest, etc all have serious technical problems and banks have been known for years of just plain sucking at building web apps.
