Danger! Danger Will Robinson!
Ok, maybe you don’t have anyone named Will Robinson on your operational on-call rotations. If not, you really should. It’s fun to wave your hands, yell “Danger! Danger!” and watch them roll their eyes at you. But I digress…
When building modern applications, managing permissions during operational events is a tricky problem.
Do you give your engineers access to everything? That’s dangerous and goes against all basic production security best practices. Have you ever seen how much harm an engineer can do to production at 2 o’clock in the morning without their coffee? To say nothing of what would happen if their credentials were compromised by a bad actor…
No, the best practice is to give your engineers as little access as possible. Then, escalate their permissions during operational events only if and when it is needed.
But how do you create a process to escalate your engineers’ permissions during operational events without opening yourself up to the same dangerous activities you were trying to avoid in the first place?
Well, let me give you four strategies for how to give your engineers escalated permissions without sacrificing the security best practices that keep your Chief Security Officer awake at night…dreaming of the robot waving his hands and yelling “Danger! Danger!”.
Read the article here