zlacker

[parent] [thread] 3 comments
1. warner+(OP)[view] [source] 2022-01-27 23:29:45
"...fairly bleeding edge best practices..."

By the time we implement any of these things, if ever, they certainly won't be. I work on military networks and applications, and it's hard for me to believe that I'll see any of this within my career at the pace we move. This is the land of web applications that only work with Internet Explorer, ActiveX, Siverlight, Flash, and Java Applets, plus servers running Linux 2.6 or Windows Server 2012.

The idea of "Just-in-Time" access control where "a user is granted access to a resource only while she needs it, and that access is revoked when she is done" is terrifying when it takes weeks or months to get action on support tickets that I submit (where the action is simple, and I tee it up with a detailed description of whatever I need done).

replies(2): >>static+uz >>post_f+oE
2. static+uz[view] [source] 2022-01-28 04:43:25
>>warner+(OP)
Maybe, but my hope is that this pushes external vendors that have government contracts to support these workflows.
3. post_f+oE[view] [source] 2022-01-28 05:49:08
>>warner+(OP)
It took us NINE MONTHS to get a server installed in a data center a few years back. This was Marine-Corps fielded hardware running an ATO'd[1] software stack for real-world situational awareness, going into a Marine Corps data center. The people that run the data center have a glacial Change Management process, exacerbated by everyone in their organization not talking to each other, even though they are separated by cubical walls.

I too have no faith of seeing this stuff implemented anytime soon...

[1] (Authority to Operate, basically approval from the highest IT authorities to utilize something on a DoD network)

replies(1): >>warner+nI
◧◩
4. warner+nI[view] [source] [discussion] 2022-01-28 06:26:49
>>post_f+oE
Haha, yes, my day-to-day work for the past two years has been fighting exactly this same fight on the Army side.
[go to top]