To ensure that developers have a clear understanding of how permissions are granted, it's important to educate them on the process.

A user sends an email with a task to grant access to a resource, and a SysAdmin grants it. The developer wouldn't know how the SysAdmin granted the permission.

Bad Example - Issac wouldn't know how he was added to GitHub

As a SysAdmin, call a developer on Teams and share your screen to show how you would grant permission to a resource. Warn them before calling, as per "Calling - Do you warn then call?"

Steps to effectively educate your developers

  • Start by explaining the importance of granting permissions correctly and securely.
  • Show developers how to navigate to the appropriate access control section in the relevant platform (e.g., Azure, AWS, SharePoint).
  • Demonstrate how to select the specific resource or application for which permissions need to be granted.
  • Emphasize the principle of least privilege and guide developers on granting only the necessary permissions.
  • Provide examples of common scenarios where specific permissions are required and explain how to grant them.
  • Encourage developers to ask questions and seek clarification during the process.
