A big problem here is also using an account with root level rights as your daily driver. Instead, your normal login should have limited rights, and if you want to install something or need admin rights, you should need to provide additional credentials in a prompt. UAC is a joke if it just requires you to press OK. How is that supposed to stop a real attacker?
That's based on organization/group policies, during pandemic I'd expect the IT to be generally overwhelmed and the office admin would have been buried under loads of hardware requisitions request.
I won't be surprised if team managers are themselves taking it upon themselves replacing IT upto an extent as a big company would have had insane amount of requests.
Over that, not every organization would have an extremely robust system for this. A simple thing as not having permission to installation/update applications for WFH PC/Laptops will cause problems for individual teams. Usually inventory would be nuked with all domain logins not having any installation permissions (which would have been the case as these systems were deployed to WFH), queuing in requests for specific application to be deployed over VPN network has lot of dependencies (like WFH person should have good internet service, the system being in a VPN will usually causes load on either you local team's office's internet infrastructure + HQ or just the HQ internet infrastructure, time window for IT admin to query individual installation requests, time zone difference for small studios, etc etc).
Want to install/update SDK for the team, (worse case) how about waiting for a day where there is no productivity.
