Do you know how to educate your developers?

Updated by Brady Stroud [SSW] 1 year ago. See history

123

To ensure that developers have a clear understanding of how permissions are granted, it's important to educate them on the process. User sends an email with a task to grant access to a resource and SysAdmins grant it. A developer wouldn't know how a SysAdmin granted the permission.

❌ Figure: ![Bad Example - Issac wouldn't how he was added to GitHub](/uploads/rules/educate-your-developer/2024-03-05_16-34-15.jpg)

As a SysAdmin, call a developer on Teams and share the screen to show how you would grant permission to a resource. Warn them before calling as per Calling - Do you warn then call?

Steps to effectively educate your developers

  • Start by explaining the importance of granting permissions correctly and securely.
  • Show developers how to navigate to the appropriate access control section in the relevant platform (e.g., Azure, AWS, SharePoint).
  • Demonstrate how to select the specific resource or application for which permissions need to be granted.
  • Emphasize the principle of least privilege and guide developers on granting only the necessary permissions.
  • Provide examples of common scenarios where specific permissions are required and explain how to grant them.
  • Encourage developers to ask questions and seek clarification during the process.

Categories

Rules to Better System Administrators
acknowledgements
related rules