|
|
|
|
|
|
by _jal
1799 days ago
|
|
|
Not uncommon in early-stage startups. I've learned to build these sorts of things with access control and auditing up-front, but certainly have built my share of attractive nuisances over time. My advice is stub something out up front, before you go to production. You don't have time to do it right, but you do have time to establish the norm. Even if your audit trail is just a two-minute DB trigger that records that Worker Bob changed Customer Alice's password yesterday at 11, make it clear that there needs to be an articulable reason at hand for having used mechanisms that may violate users' trust. |
|
|