My company has an ISO 27001 certification. They provided me a new laptop with Windows 8 OS in it. I asked if I can have a Linux/Ubuntu OS installed, they said that it is not possible due to the ISO 27001 standards.
Is it true or do the technical people of the company not know how to install Linux/Ubuntu?
One of ISO 27001 requirements is management of access control to company's IT resources.
If you just install Ubuntu on your laptop, all the access control will be managed by you directly, instead of your company. So when, for example, your manager will want to fire you, then your IT department won't be able to block your local laptop account in a convenient moment.
Of course Linux can be connected to central authentication systems (AD, IPA, CAS etc.), but first your IT department needs to build required competences (a single employee knowing how to do that is not enough since all ISO standards require written, repeatable and verifiable processes).
On the other hand, knowledge on how to connect Windows to AD, and deploy a central authentication, is more or less common in IT, so probably your company already has ISO processes for it. Therefore, they allow you to use only Windows.
External links referenced by this document: