Open AoifeHughes opened 1 year ago
Chris will initiate contact with AISH around best practices.
Placed in "Needs more info" because contact was made with AISH around best practices, I believe (?) but what is the follow up needed here?
@chrisdburr Can you clarify what/if we need to address this issue after the conversation with AISH, especially now that we have outsourced the login authentication to GitHub's OAuth?
From IT's perspective, they would be happy with some form of penetration testing.
I also need to setup a conversation with legal, but I'd like to finish the work with Fruto and OCC first.
Ok, thanks! I'll leave this in "Needs more info" and will move it to "Won't have" for now.
Changing term in issue for sensitivity + making epic
IT suggested penetration testing of platform, if we make accessible data storage through web app.
Needs to happen before end of July, but cannot happen before we have the new system up and running.