
Possible Duplicate:
SysAdmin & Developer: Responsibilities

Suppose I have 20 servers:

  • We keep data in Linux servers
  • Developers often need to log in to the server to debug some issue
  • Sometimes they have to access user data and run through the app in production to replicate a problem that was not reproducible in the test environment

What are the best practices for this situation?

Sabya
  • I don't agree that the "Possible Duplicate" is really a duplicate of this question. I am asking "How to allow developers access to user data". The other question is asking "who will keep the server updated with latest software updates". – Sabya Dec 27 '12 at 10:08

2 Answers

  1. Make sure that each developer has his own account (you might want to use SSH Public-Key Authentication instead of password authentication).
  2. Limit ssh access to certain IP ranges and/or enable access only via VPN.
  3. Use patches for the Linux kernel e.g. grsecurity.
  4. Make sure that each developer has some idea about security issues.
  5. Use some tool for server monitoring.
  6. Pray.
FINESEC
  • Is there any way to avoid #1? Because when employees leave it is easy to forget to change keys. – Sabya Nov 30 '12 at 13:13
  • Well, it's the job of server admins to keep track of such things. Usually it's as simple as deleting the authorized_keys file from the user directory. – FINESEC Nov 30 '12 at 13:38
  • You can use a shared account that they all use, but that defeats the purpose of 'improving security'. How is having 5 accounts for people that have left worse than having just one account that everyone knows that still exists after they leave? – Nov 30 '12 at 21:48
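The first two items of this answer (one account per developer with key-only authentication, SSH reachable only from a VPN range) and the comment thread about keys that outlive the employee are easy to turn into two small checks. The following bash script is an added example, not code from the answer or its author: `render_sshd_dropin` prints an sshd_config drop-in that disables passwords, allows only a `developers` group and denies that group from every address outside a VPN CIDR, and `stale_key_accounts` lists home directories that still carry an `authorized_keys` file although the user is no longer on a roster of current staff. The group name, the CIDR `10.8.0.0/24`, the usernames and the sandbox home directories are all constructed for the demo; in real use point it at `/home` and your HR or LDAP export.

```shell
#!/usr/bin/env bash
# Added example: SSH access hygiene for per-developer accounts.
# 1) render a hardened sshd drop-in (key-only auth, developers group, VPN range only)
# 2) find accounts whose authorized_keys outlived their owner's employment
# Group name, CIDR, usernames and the sandbox below are constructed for the demo.
set -u

# Print an sshd_config drop-in, e.g. for /etc/ssh/sshd_config.d/50-developers.conf.
# $1 = unix group the developers belong to, $2 = source CIDR allowed to reach sshd.
# "Match Address *,!CIDR" matches every peer address except the given range, so
# the developers group is denied from anywhere that is not the VPN.
render_sshd_dropin() {
    local group="$1" cidr="$2"
    cat <<EOF
# developers: keys only, no root, only via the VPN range ${cidr}
PasswordAuthentication no
PubkeyAuthentication yes
PermitRootLogin no
AllowGroups ${group}
Match Address *,!${cidr}
    DenyGroups ${group}
EOF
}

# Print every account under $1 (a directory of home directories) that still has a
# non-empty .ssh/authorized_keys but whose username is absent from the roster $2
# (one username per line). Those are the keys the offboarding process missed.
stale_key_accounts() {
    local homes="$1" roster="$2" dir user
    for dir in "$homes"/*/; do
        user="$(basename "$dir")"
        [ -s "$dir/.ssh/authorized_keys" ] || continue
        grep -qx "$user" "$roster" || printf '%s\n' "$user"
    done
}

# --- constructed sandbox standing in for /home and the staff roster ---
SANDBOX="$(mktemp -d)"
trap 'rm -rf "$SANDBOX"' EXIT
for u in alice bob carol; do
    mkdir -p "$SANDBOX/home/$u/.ssh"
    printf 'ssh-ed25519 AAAA_constructed_key_%s %s@laptop\n' "$u" "$u" \
        > "$SANDBOX/home/$u/.ssh/authorized_keys"
done
mkdir -p "$SANDBOX/home/dave"                       # account without any keys
printf 'alice\ncarol\ndave\n' > "$SANDBOX/roster.txt"  # bob has left the company

echo "--- sshd drop-in ---"
render_sshd_dropin developers 10.8.0.0/24
echo "--- accounts with keys but not on the roster ---"
stale_key_accounts "$SANDBOX/home" "$SANDBOX/roster.txt"   # prints: bob
```

Run the audit from cron or your configuration management and alert on any output; an empty result is the expected state. Before installing the drop-in, validate it with `sshd -t` so a typo cannot lock everyone out.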

The best practice is hiring people you can trust and making that a decent part of the hiring process. We have 150 developers who all have access to production systems for troubleshooting and for code rollouts. They also have access to copies of production data, with only the credit card details removed from them.

This is impossible to do if you do not trust your employees, so you better make sure you can trust them :)

Dennis Kaarsemaker