D
D
d3ZORg2012-11-02 12:33:03
linux
d3ZORg, 2012-11-02 12:33:03

How to restrict access for an intern developer?

Perhaps I will state a little chaotically, but I will try to put it on the shelves.
A new developer will soon join the organization as an intern. The management set the task to restrict the developer's access to the available information in the project, in particular to the contents of the database.
Naturally, he will have access to local servers on which testing is carried out and a virtual machine on which development is actually carried out.
Internet in the office without any restrictions on access, I think a person from the IT sphere can upload a spherical dump to a file hosting service (which cannot be closed), or in extreme cases, use a flash drive (approx. usb can be disabled).
Actually a question for the system administrator. If you do not take into account all sorts of NDA / honest pioneering and other paper-verbal methods and take into account that all developers should have access to almost the entire database by design, otherwise they just don’t give a damn about idleness, is it possible to protect themselves from possible data leakage ?

Answer the question

In order to leave comments, you need to log in

3 answer(s)
N
Nikolai Turnaviotov, 2012-11-03
@d3ZORg

1. What I would do is delimit the entire solution - into separate projects - components, into separate repositories.
2. Gave access to the new developer to the repositories he needs, let him have fun there, let more advanced developers approve changes to his code after checking his code, for example.
3. Of the harsh protection options - developing on a virtual machine through the same vnc / rdp with a ban on synchronization of the clipboard of the terminal connection and the machine on which it is running, i.e. the standard feature is to copy the code in the rdp session to the clipboard and paste it into notepad on the working machine with which you connect via rdp will no longer work - to pull out the code you will have to take a lot of screenshots - this was practiced by a friend in the office, but there the software is very bank-tricky, and the virtual machine was reset to the default state after the end of the working session and had access only to the development servers, the production servers were maintained and the code on them was laid out by verified employees in another department.

R
relgames, 2012-11-02
@relgames

The question itself already contains the answer :) If you have separate servers for testing and a separate virtual machine for development, then you just need to close access to the production base/server.
And on test servers to use test bases. If you need a lot of data, generate it.

I
Inori, 2012-11-02
@Inori

And what's the problem with just not letting them into combat servers? In the sense of why not raise a local database with fake data?

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question