Clean up Security Best Practices (!25280) · Merge requests · GitLab.com / www-gitlab-com

Antony Saba requested to merge asaba-security-best-practices-update into master Jun 28, 2019

Some of the guidance under "Best Practices", was either out date, or vague and inconsistent with newer guidelines like the "Password Policy". I've also attempted to crosslink more with other relevant policies and actual requirements where there now are some, like the internal Acceptable Use Policy (AUP).

New items:

Enable host firewall on macOS
Install other security software, such as anti-virus
Reasoning for not requiring VPN usage and not prioritizing a corporate VPN solution

cc @gitlab-com/gl-security/secops @gitlab-com/business-ops/itops @mloveless @gitlab-rmitchell @gitlab-com/gl-security/compliance

Edited Jul 03, 2019 by Antony Saba

Clean up Security Best Practices

Merge request reports