1/2/2013 1:23:45 AM
How do others structure and organize their secrets? Control access?
Am considering doing it in several different ways:
Thoughts on the above? Lessons learned? I'm trying to think how I structure the Personal secrets. Is there the concept of a "Home Directory" folder for users? Or could everyone's personal secrets just go in one top level folder and permissions are set automatically? I'm thinking it makes more sense to have a Personal/Home folder with subfolder per user so permissions can be inherited more easily...
- Team Secrets - Access based on departmental or team ACL's. Up to a group manager to organized secrets and grant access as they see fit (example: Database Team, Security Team)
- Application / Environment Secrets - Similar to the above but based on individual applications or environments (example: Active Directory Administrators, Web Application XYZ Team)
- Personal Secrets - Each user can store their own secrets
Curious to hear how others out there have done this. We have around 3000 users who may eventually have access to the system so getting this right/scalable from the get-go is important.