On Mon, Dec 18, 2017 at 9:30 AM, cornelia.enke66--- via dev-security-policy <[email protected]> wrote: > > Update on the long-term countermeasures: > At the first point - sorry for the delay. I missed to post my answer on > Fryday. > > We The occurred error caused by a human error we decided as a long-term > protection measure to carry out the setup in the 4 AP and all possible > restrictions in case of test accounts. > In this way, a repetition of the error is to be prevented. >
I'm not sure I fully understand this response, but I do want to stress that "human error" is not really a root cause. The root cause is what were the systems and controls that allowed that human error to result in the production incident, and what steps are taken to mitigate that in the future. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
