Closed brittag closed 8 years ago
Should we specify the rules are for protecting live systems" only? Otherwise this looks great.
@wslack I'm not sure what you mean - which line might we clarify with that?
Since this is an official policy, and important to team culture, let's leave this open at least until Monday to see if there are any strong reactions.
This is an effort to add basic, easy-to-find, plain-language guidance for ourselves about "step 0" for working in public: protecting things that actually need to be secret, with a link to NARA's list of types of government secret stuff.
This would help with both cloud.gov work (https://github.com/18F/cg-compliance/issues/174) and handbook work (https://github.com/18F/handbook/issues/5).
This PR should get review from somebody in 18F Infrastructure before we merge it. If we merge it (or some reviewed and revised version), we should put a note in #general-talk so that people know it exists.