undefined | Better HN

0 pointsrr8883y ago0 comments

In the past I've done a few different ways but now I see strict infosec rules, That part is more important than where it runs. eg My last job we had a workflow where you needed a ticket approved by second eyes, which used CyberArk to create a new remote desktop running a DB IDE where you could do your business. Commands were tracked but no real restriction..

New firm you get your personal account temporary RW permissions via a centralized service.

0 comments

mitchpatin3y ago

The "temporary access" approach seems to be pretty popular based on our conversations with engineers at large-ish tech companies. We hadn't heard of anyone using a remote desktop for this problem, though.

j / k navigate · click thread line to collapse

0 pointsrr8883y ago0 comments

New firm you get your personal account temporary RW permissions via a centralized service.

0 comments

mitchpatin3y ago

j / k navigate · click thread line to collapse