Re: Procedural Issues

[WALI <hkhasgiwale () gmail com>]

It's not noise kurt, the issue indeed started about 4 months ago but I am 
still stuck with some finer details and hence re-posted under the same thread.

Thanks for the reply.

Mine is not near to even a mid-scale production environment with about 6 
people in all but working on a highly sensitive inhouse financial/HR 
application.

Auditors demand that bring about some controls of duties within our 
development environment. I am trying to do the best and then declare the 
accepted risk.


At 02:39 PM 6/13/2007 -0700, Kurt Buff wrote:
> Sorry for the noise - I was looking in my gmail threaded view, and
> didn't notice the dates.
>
> Kurt
>
> On 6/13/07, Kurt Buff <kurt.buff () gmail com> wrote:
> > In a full-on, large-scale production environment, code moves something
> > like this:
> >
> > Dev
> > Test
> > Staging
> > Production
> >
> > Each stage has its own set of admins/support staff, who are
> > responsible for placing the approved software from the previous stage
> > into their environment, according to their individual requirements.
> >
> > Kurt
> >
> > On 1/8/07, WALI <hkhasgiwale () gmail com> wrote:
> > > In a software development environment, what risks do we have if we allowed
> > > software development team leader, access to Live production servers?
> > >
> > > Security demands that the two environments be segregated.
> > >
> > > If I segregate the two environments, who would shift the code from
> > > development to Live?
> > >
> > >
> > > 
> > ---------------------------------------------------------------------------
> > > This list is sponsored by: ByteCrusher
> > >
> > > Detect Malicious Web Content and Exploits in Real-Time.
> > > Anti-Virus engines can't detect unknown or new threats.
> > > LinkScanner can. Web surfing just became a whole lot safer.
> > >
> > > http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
> > > 
> > ---------------------------------------------------------------------------
> > >
> > >