What is the nature of this Technical Support Request? Please describe the need/requirement in detail.
At the moment, it is not possible to know who made changes to the Reveal Thailand server environment because we:
Share common credentials to the Reveal production environment.
Access the server from a VPN so we cannot tell which IP address any changes emanate from.
This prevents us from being able to properly attribute changes to the production environment, which poses a risk.
Describe the solution you'd like
Have a clear way of knowing who accessed the production environment, the organisation they came from as well as the date and time that the changes were made.
Describe alternatives you've considered
The above can be accomplished by:
DVBD issuing the project team with organisation specific (CHAI, Biophics and Ona) credentials to allow for proper attribution going forward.
The installation of an auditing tool on the server to log details on server access and file changes.
What is the nature of this Technical Support Request? Please describe the need/requirement in detail.
At the moment, it is not possible to know who made changes to the Reveal Thailand server environment because we:
This prevents us from being able to properly attribute changes to the production environment, which poses a risk.
Describe the solution you'd like
Have a clear way of knowing who accessed the production environment, the organisation they came from as well as the date and time that the changes were made.
Describe alternatives you've considered
The above can be accomplished by:
Additional context
This has arisen from the following linked issues: