A recent discussion has taken place about how best to address enterprise customer concerns on policies relating to holding of customer data.
While this issue isn't going to target a full solution to this problem, there are some key points that I feel most projects should adhere to.
I fully expect this to turn into a sliding scale, where basic requirements are:
- per user access to services
- every developer has most rights for ease of use
- bastion service for accessing service ports on infrastructure
to super hardened, where requirements are:
- per user access to services, with enforced MFA (maybe all of "what you know", "what you have", "what you are")