A 'development team access policy'?
Does anybody have any experience of implementing a 'development team access policy'?
What do I mean by this term?
Working in a large, highly regulated (and controlled) organisation, all staff members are subject to the same local machine restrictions, i.e. website access, inability to run .exes, install browser extensions etc.
I am working on a proposal to standardize a development team policy, whereby team members have complete control over their local system. I hope to see less time wasted circumventing these measures, which in reality is all that happens.
If you have any experience in fighting this battle, I'd appreciate your input.
I'm particularly interested in the 'how', i.e. VLAN, filtering/sweeping etc. Realistically, considering the type of environment in which this organisation operates, certain security controls would still need to be in place.
I did have a similar experience at a previous assignment (highly regulated financial firm, strict security restrictions).
Our approach was to create a single "dedicated" on-site workstation with relaxed security controls. The workstation basically served as a "gate" to access websites otherwise restricted to the development team, in order to facilitate learning and aid development. The team was also able to use the relaxed machine restrictions to try different configurations to help their sprint development and testing.
Unfortunately, I cannot provide specifics on the "how" part, but my suggestion is to try a small "experiment" with operational and organizational oversight, as opposed to seeking a sweeping change to machine security and configuration for all of your Development Team members.