For a lot of people it is. For those who make their living doing IT it might seem rather straightforward but that's a tiny percentage of the population. Like any task that is outside your domain of
expertise even easy things can seem hard if you don't know enough to ask the right questions. And frankly even most IT pros really aren't experts in security despite what they might tell you.
Standard programmer debug technique seems to be
- Turn off local firewall,
- Give everyone/world admin rights,
- Open Windows Share to "World/Everyone" (and cat, and dog), with Full access,
- Turn off UAC, and
- Request Administrator/root/QSECOFR password.
And they seem to be regarded as the security experts by non-IT. Infrastructure/Security/Compliance teams be damned!