hello all,

I'm in kind of a new situation for me, after 20 years of consulting.
System security design was never something I did.  I could make general
recommendations, but mostly I left that to the experts.

I'm working in-house for the first time in my career.  Typically, the
customers I worked for in the past had their own very well designed and
segregated testing environments, or if they didn't, development was done
off site on our box, and when it came time for implementation, I was given
full (QSECOFR or close to it) access to the customers box for the time I
was doing installations, and those customers trusted me enough on a
personal and professional level to know that I wouldn't abuse the

Now, I'm in a situation where I there isn't a well designed security plan
and no formal testing environment, and I've been given virtually no
authorities to do any setup or configurations myself, little authority to
production data, and I have to go through people who either don't have the
time, or don't know how, or who also don't have the corporate authority to
do what I need, whenever I need to get anything done.  It's frustrating.

The things I'm looking to be able to do is to do some configuration stuff,
be able to set up and configure tcp stuff, dual smtp (domino and native) so
I can send emails from RPG programs, setup net.data, make configuration
changes to apache, maybe setup websphere, etc.

Also, it would be nice to be able to build logical files, sql views and
indexes over production data so that I may test for performance things more
easily - it's a total hassle to go through channels when I'm not even
making changes to production data.

I understand the theory, logic and meaning behind segregating developers
from the line-of-business.  My problem is that I have so little authority
to so many things, it's like pulling teeth to get my job done.  So I need
to make a business case for getting more authority.   I guess what I'm
looking for is a balance of god-like powers without overstepping the
boundries a developer should have.

What sorts of authorities do you and your developers have?



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.