Added aphascience and contact details to GitHub access process

[ben-sagar]

I'm wondering if we should aim to start directing people here for APHAScience GitHub standards, rather than having our own version. One key difference though is that you require 2FA. Has that ever had any pushback? Long ago, when we first started with GitHub, most of our users couldn't have work phones. The situation has probably changed now though.

@tearne We haven't really had any pushback but equally we were coming from a position of not having full compliance either, so we've not been able to enforce it (yet).

The first step was to make it the standard, the next step is to fix anything that's preventing anyone from meeting the standard and then the last step will be enforcing it at the organisational level.

[Fraser-Buchanan]

I have only had a couple pushbacks when it come to auth apps. You don't have to have a work phone to use it but we can't always expect users to install things on their private phones. We are far from compliant with 2FA, even though you know they must have read the advice.