Migrate Internal Acceptable Use Policy Changes to New Handbook
Why is this change being made?
💡 Provide a detailed answer to the question on why this change is being proposed, in accordance with our value of Transparency.
Original MR. We've since migrated the old Handbook and the original MR was updating the old MR but the Internal Acceptance Use Policy has since been migrated to the new handbook.
The following was pulled from the Slack Announcement (internal only) related to this MR, adding here for retention and
- Team Members can integrate authorized systems with their GitLab Google Workspaces. Unauthorized systems cannot be integrated until they have been authorized via Privacy and Security Third Party Risk Management review.
- This restriction will only apply to new installations, in particular to those that result in the external storage or transmission of Orange or Red GitLab data. Existing installations will not be impacted.
- Going forward, we will be following the Individual Use Software Intake Process to ensure Privacy, Legal and Security Reviews are conducted (where applicable) to formally approve Google Workspace Integrations
If you have any questions about this change, please comment in the IT Change Management issue (internal-only), or reach out to #it_security_help (internal-only) Slack channel. Thank you for your support and continued vigilance.
Author and Reviewer Checklist
Please verify the check list and ensure to tick them off before the MR is merged.
-
Provided a concise title for this Merge Request (MR) -
Added a description to this MR explaining the reasons for the proposed change, per say why, not just what - Copy/paste the Slack conversation to document it for later, or upload screenshots. Verify that no confidential data is added, and the content is SAFE
-
Assign reviewers for this MR to the correct Directly Responsible Individual/s (DRI) - If the DRI for the page/s being updated isn’t immediately clear, then assign it to one of the people listed in the
Maintained bysection on the page being edited - If your manager does not have merge rights, please ask someone to merge it AFTER it has been approved by your manager in #mr-buddies
- The when to get approval handbook section explains the workflow in more detail
- If the DRI for the page/s being updated isn’t immediately clear, then assign it to one of the people listed in the
-
For transparency, share this MR with the audience that will be impacted. -
Team: For changes that affect your direct team, share in your group Slack channel -
Department: If the update affects your department, share the MR in your department Slack channel -
Company: If the update affects all (or the majority of) GitLab team members, post an update in #whats-happening-at-gitlab linking to this MR - For high-priority company-wide announcements work with the internal communications team to post the update in #company-fyi and align on a plan to circulate in additional channels like the "While You Were Iterating" Newsletter
-