In most large organisations worth their sale they will have a rock solid security models and patch rollout / awarenes (multiple firewalls, bluecoat, direct MSPSS acess etc). For teams who need admin access, they just hive off from the main network and connect via another level of security - so no direct access to "the rest".
"This e-mail is from Reed Exhibitions (Oriel House, 26 The Quadrant, Richmond, Surrey, TW9 1DL, United Kingdom), a division of Reed Business, Registered in England, Number 678540. It contains information which is confidential and may also be privileged. It is for the exclusive use of the intended recipient(s). If you are not the intended recipient(s) please note that any form of distribution, copying or use of this communication or the information in it is strictly prohibited and may be unlawful. If you have received this communication in error please return it to the sender or call our switchboard on +44 (0) 20 89107910. The opinions expressed within this communication are not necessarily those expressed by Reed Exhibitions." Visit our website at http://www.reedexpo.com -----Original Message----- From: Douglas Knudsen To: CF-Talk Sent: Thu Aug 10 06:40:59 2006 Subject: Re: Development Environment Setup and who is to audit and ensure the developer is doing this? Further more shouldn't this config be something the PC support folks should setup and maintain? In a large organisation with 10000+ PCs these are big and costly issues, eh? A security head might just make seemingly idiotic choices to save their respective butts, eh? Remember NIMDA? At the time where I worked there were no restrictions on IIS servers running on your desktop PC. oops...this helped nimda spread faster than a california wild fire. DK On 8/9/06, Russ <[EMAIL PROTECTED]> wrote: > > Then your security team is full of idiots. Not only can you set up a > firewall, you can configure apache/coldfusion to only listen on 127.0.0.1, > so that no other computers can access it. > > > -----Original Message----- > > From: Everett, Al (NIH/NIGMS) [C] [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, August 09, 2006 4:01 PM > > To: CF-Talk > > Subject: RE: Development Environment Setup > > > > I'd love to do that, but we're not allowed to have "servers" installed > on > > our desktop machines for "security reasons". > > > > -----Original Message----- > > From: OĆ°uz_DemirkapĆ½ > > Sent: Wednesday, August 09, 2006 2:37 PM > > To: CF-Talk > > Subject: RE: Development Environment Setup > > > > Test Server <---> SVN <---> Production Server > > > > | > > | > > Developers > > > > Test Server: Testing current status of code and deciding production > > version of code. > > > > Production Server: Deploying tested code version from SVN reposity. > > > > Developers: Every developer have their local CF installation and they > > chekin/checkout code from main SVN reposities. > > > > > > This is what we have here. :) > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:249405 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4