Just a couple notes inline:
> On Jul 8, 2018, at 8:46 PM, Gregg C Vanderheiden <[email protected]> wrote:
>
> OOPS - forgot to ask at the end. Are you ok with the plan with this
> additional information?
>
> We do need to do some work to implement this — but it is a lot less than
> securing the AWS or trying to get Google up and secure.
>
> If everyone is ok - then we need to scope this out - and see just what is
> needed and book it.
>
> I will write it up in more detail if this looks good as a general approach -
> and we can examine it in more detail.
>
In general I think it's good, because I'm partial to having some additional dev
and testing resources put in to our default Cloud Safe logins and key setups.
I'm not completely sure the issues surrounding why we won't feel comfortable
putting the emails on AWS outside of ferpa environments, but I know there are a
lot of logistics and things being worked out by the ops and logistics team.
> Let me know
> Gregg
>
[snip]
>> - Since there are no identifiers, there is really no way we could reset
>> somebodies password if they lost it, they'd have to start from scratch.
> GV: we are also asking for their email - but that information is not stored
> on our servers - so our servers do not need to be secure.
>> I'm not sure how the offline email strategy below would actually work to
>> give someone support if they lost their information. Are the technical
>> details written up for that somewhere?
> GV: This is being documented. But yes - if we lose the key sheet we will
> lose access to their account. So we will have offline backup. Also, all
> that is being saved at this point is a small number of settings. So even if
> they did lose their PW and we did lose their name - it would take them a
> minute or two to set it back up.
Sooo, we'll just be storing a list of "emails -> CloudSafe IDs" in like a
Google Doc, or a notebook in the locker at the AJC or something like that? I'm
imagine that is all part of the extra details being written up.
Cheers,
Steve
_______________________________________________
Architecture mailing list
[email protected]
https://lists.gpii.net/mailman/listinfo/architecture
