Page MenuHomeMiraheze

Determine a proper mailerlite access policy
Closed, DeclinedPublic

Description

We really should follow the principle of least privilege for this, we give pretty much all permissions to quite a bunch currently.

Currently,
All staff and board members have full access except @labster who is accountant.

I’ve assigned this to @Owen to start so he can review any legal side to this.

Please treat the account as property of Miraheze Limited.

Related Objects

Event Timeline

RhinosF1 triaged this task as Normal priority.Dec 7 2019, 14:24
RhinosF1 created this task.
RhinosF1 raised the priority of this task from Normal to High.Dec 7 2019, 14:26
RhinosF1 updated the task description. (Show Details)
RhinosF1 added a subscriber: labster.

Marking as high as we should be doing this as soon as possible, a large amount of private data is held on this for anyone who submits it.

RhinosF1 changed the task status from Open to Stalled.Dec 7 2019, 18:15

We'll continue deploying some test pages but deployment to any more parties is blocked due to a bug.

RhinosF1 changed the task status from Stalled to Open.Dec 7 2019, 18:16
RhinosF1 added a subscriber: RhinosF1.

We'll continue deploying some test pages but deployment to any more parties is blocked due to a bug.

Wrong task - scrap that

Reception123 lowered the priority of this task from High to Normal.Dec 31 2019, 15:41

Not looked at in a while, moving to normal priority.

Owen removed Owen as the assignee of this task.Jan 16 2020, 18:14
Owen added a subscriber: Owen.

Not a lot for me to do, it's a tool which SRE is operating externally. They're aware of appropriate access requirements for sensitive data.

Paladox claimed this task.
Paladox added subscribers: NDKilla, John, Southparkfan, Paladox.

We're not using this so declined. Unless @Southparkfan, @John, @Reception123 or @NDKilla think we should.

Paladox removed Paladox as the assignee of this task.Apr 1 2020, 01:39