Security Basics mailing list archives
Re: Procedural Issues
From: WALI <hkhasgiwale () gmail com>
Date: Fri, 15 Jun 2007 22:30:50 +0400
It's not noise kurt, the issue indeed started about 4 months ago but I am still stuck with some finer details and hence re-posted under the same thread.
Thanks for the reply.Mine is not near to even a mid-scale production environment with about 6 people in all but working on a highly sensitive inhouse financial/HR application.
Auditors demand that bring about some controls of duties within our development environment. I am trying to do the best and then declare the accepted risk.
At 02:39 PM 6/13/2007 -0700, Kurt Buff wrote:
Sorry for the noise - I was looking in my gmail threaded view, and didn't notice the dates. Kurt On 6/13/07, Kurt Buff <kurt.buff () gmail com> wrote:In a full-on, large-scale production environment, code moves something like this: Dev Test Staging Production Each stage has its own set of admins/support staff, who are responsible for placing the approved software from the previous stage into their environment, according to their individual requirements. Kurt On 1/8/07, WALI <hkhasgiwale () gmail com> wrote: > In a software development environment, what risks do we have if we allowed > software development team leader, access to Live production servers? > > Security demands that the two environments be segregated. > > If I segregate the two environments, who would shift the code from > development to Live? > >> ---------------------------------------------------------------------------> This list is sponsored by: ByteCrusher > > Detect Malicious Web Content and Exploits in Real-Time. > Anti-Virus engines can't detect unknown or new threats. > LinkScanner can. Web surfing just became a whole lot safer. > > http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect> ---------------------------------------------------------------------------> >
Current thread:
- Re: Procedural Issues WALI (Jun 12)
- RE: Procedural Issues Dave Lewis (Jun 13)
- Re: Procedural Issues security.xentek (Jun 13)
- <Possible follow-ups>
- Re: Procedural Issues Kurt Buff (Jun 13)
- Message not available
- Message not available
- Message not available
- Re: Procedural Issues WALI (Jun 15)
- Message not available
- RE: Procedural Issues Dave Lewis (Jun 13)