Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Why don't they give the application team a few extra servers to do whatever on without asking for permission?


Because without good organizational controls, the developers will put those servers into production with no HA, backups, and insecure configuration.

I’ve seen it multiple times in my careeer.


That makes a lot of sense. I can see how using cloud solves for HA and backups. But how does insecure configuration come in?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: