See, I'm not buying that :)

Risk matrix - Consequences vs Likelihood.

Questions - Why are developers working with production-grade data
(customer info etc.)? Shouldn't that be partitioned off into a more secure
locked-down release area only? Developers working with "Foo Jones" is imho
the counter pill to the aforementioned claim.

Placing the developer pool in their own DMZ sandbox imho is also the way
forward, so if they are compromised it's contained and all data etc. should
be test data that doesn't include sensitive information.

IP getting stolen? There's a million ways to bypass a locked-down machine to
get the data in/out... if someone were to expose the code base or documents,
firstly it is likely they are moving data outside the confines of the said PC
and secondly they are likely to screw up no matter how much Sys Admin nannying
is in place.

In all honesty, I think Sys Admins today really need to rein in their
approach to making the zen-like perfectly secure network. Devs need more
room to play in, so provide them with a sandbox to play in and look instead
into ways of emulating the network solutions they are building for than just
declaring SOE war.

Having spent a few tours in GOVT, it's like the Sys Admins are still reading
their "How to prevent virus attacks on Windows NT 4.0" playbooks.

Didn't Suncorp recently adopt the "bring your own pc to work" philosophy?


---
Regards,
Scott Barnes
http://www.riagenic.com


On Sat, Nov 19, 2011 at 12:06 AM, Ken Schaefer <k...@adopenstatic.com> wrote:

> On the other hand, you just head over to the sysadmin lists and see the
> admins complaining about how much time is consumed supporting developers
> who get their machines compromised or otherwise borked. Putting
> unauthorised networks into an environment is a huge no-no in my book. Most
> developers do not have the skills or the knowledge to secure a network, let
> alone know what regulatory/audit requirements the business has. Then, if
> there is a compromise and corporate IP is stolen, customer information
> stolen etc. due to ingress via an unauthorized network, who is going to
> take the rap?
>
> -----Original Message-----
> From: ozdotnet-boun...@ozdotnet.com [mailto:ozdotnet-boun...@ozdotnet.com]
> On Behalf Of Arjang Assadi
> Sent: Friday, 18 November 2011 5:00 PM
> To: ozDotNet
> Subject: Re: [Friday OT] unstoppable force meets an immovable object,
>
> On 18 November 2011 19:47, Les Hughes <l...@datarev.com.au> wrote:
> > Get a rogue box on the network with VMware and set up a shadow
> > network. A wireless router can also help if the wired network is a
> > little discriminatory.
> >
> > Fight the power!
>
> Brilliant!
>
> That's the voice of a true programmer being an unstoppable force talking,
>
