• 0 Posts
  • 20 Comments
Joined 1 year ago
cake
Cake day: June 13th, 2023

help-circle





  • First, ask your boss for your employer’s policies on handling these situations.

    Second, ask your boss for de-escalation training. If you’ve already gone through this training, a refresher will still be good.

    Third, you mentioned a union. Ask them for recommendations and resources.

    Fourth, if your concerns feel unaddressed, contact whomever would be your HR department. Know that HR is not there to help or protect employees, but there to keep the organization from being sued.

    Fifth, do right by yourself. You’re obligated to your own safety. Healthcare is an emotionally charged environment with clients who are almost never there for good reasons. These high level emotions will cause intense feelings and scenarios. People can react irrationally during such situations.







  • It’s important to note that your password has to be stored someway, no matter what, no matter where. How it’s stored can be varied, from hashed (think encrypted) to cleartext. I’m assuming lemmy is using hashed passwords, so if you’re concerned about your password being available to an instance owner, admin, or potential attackers, then you’ll need to follow safe password guidelines. Changing the concept from passwords to passphrases is a great start.

    Always keep in mind, if the data isn’t stored on your device, you do not technically own that data. You have to trust the owners to be good data custodians and treat the data you give them as if it were their own private data.

    I’ll leave this now internet-ancient sacred image for future passphrase converts.




  • I don’t technically open any ports to the public. I have a site-to-site wireguard tunnel to a hosted server. The hosted server is running a hypervisor with two virtual switches. One switch is my external switch and only my Wireguard server is using it. The other is an internal switch where I place other VMs for separate things. A container host, a terminal server with xrdp, a monitoring server with netdata, stuff like that. All technically, but unnecessarily, accessed through nginx proxy manager.

    Because it’s site2site with my home equipment on the Wireguard server, i can still connect to my home network where i host a number of separate services like HomeAssistant from outside the home network.

    I don’t use tailscale, but Wireguard vanilla is super easy to work with. I also have fail2ban pretty much everywhere I can install it because it takes up practically zero resources.