• Mountaineer@aussie.zone
    link
    fedilink
    English
    arrow-up
    0
    ·
    2 months ago

    In a rapidly churning startup phase, where new releases can and do come out constantly to meet production requirements, this one size fits all mentality is impractical.

    If you refuse to whitelist the deployment directory, you will be taking 2am calls to whitelist the emergency releases.

    No it can’t wait until Monday at 9am, no there will not be a staged roll out and multiple rounds of testing.

    I am more than willing to have a chat; you, me and the CEO.

    • scops@reddthat.com
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 months ago

      No it can’t wait until Monday at 9am, no there will not be a staged roll out and multiple rounds of testing.

      I hope you’re doing internal product development. Otherwise, name and shame so I can stay the hell away from your product. This is a post-Crowdstrike world.

      • Mountaineer@aussie.zone
        link
        fedilink
        English
        arrow-up
        0
        ·
        2 months ago

        It IS bespoke internal development, not for deployment outside of the facility.
        The computers running the software exist only to run this software and have no business talking to the internet at all.
        IT is provided by an external third party vendor who operate on an inflexible “best practices dogma”.

        • Cypher@lemmy.world
          link
          fedilink
          arrow-up
          0
          ·
          2 months ago

          Sounds like you’re stuck in a worst practices mindset.

          Sign your damn releases and have the whitelisting done by cert.