Y
Hacker News
new
|
ask
|
show
|
jobs
by
dijit
29 days ago
in my org, devs don’t have access to customer data directly, and sysadmins don’t have access to modify code.
It’s a simple rule from a simpler time, to limit the risk of total compromise.
1 comments
Arbortheus
29 days ago
Repos should not contain customer data.
link
dijit
29 days ago
Private Repos, in githubs case, might
be
customer data.
link
rgblambda
29 days ago
I think this might be more aimed at ensuring that if an attacker gains access to cloud login credentials via a compromised dev machine, those credentials can't then be used to access customer data.
link