by hnuser77 2414 days ago
A few comments about how a non-negligent company handles user data:

* They wouldn't respond to "emergency disclosure" requests from the Kingdom of Saudi Arabia about random users.

* The average developer has zero access to user data besides names in crash logs and things that the developer has been explicitly copied on in the support system.

* Every command run on production servers by developers requires approval by someone above your org chart level (up to the executive level, when you just need someone at your level) and is logged forever.

* SREs who have to shell in to servers use Unix accounts that have no access to user data. Root access, which should hardly ever happen, requires org chart approval.

* Test environments use synthetic or anonymized data.

* There is a separate team of dozens of highly paid people whose only job it is to identify, classify, and monitor access to user data. This is not even the same as the infosec team, who also would be looking for insider breaches.