Asking as a developer:
There seems to be a lot of tension between what developers want/need and what the Security Team would like to have locked down at a lot of development shops.
Approved operating system configurations, anti virus and DLP software frequently conflict with the requirements of developers to efficiently get-stuff-done when it isn't outright causing SDKs to fail, dev toolchains to perform poorly, or blocking access to new and interesting technologies developers need to stay current and relevant. Also, lets be real, developers frequently encountered their passion through gaming, and being able to game prevents burnout and maintains developer passion for their job.
I've seen some solutions mentioned including ideas around running two networks: a clean network thats only connected to via IT approved machines, that is used to access company IP, and a 'developer' network that's more ... wild west.
Are there any white papers or other resources that dive deeper into the best practices surrounding these, and/or other techniques for achieving acceptable compromise between the requirements of developers who need to be able to debug, install software from the internet etc. while maintaining an appropriate degree of network security around Company IP, Operations etc?
At the very least, I'd just like some correct terminology other than "clean/other" network, as the opposite of "clean" is "dirty" and that has negative connotations.