Procedures to Control Installation of Software

Owned by Roxy Sanchez
Last updated: Dec 16, 2022 by leigh

Does your organisation have procedures in place to control the installation of software on IT production systems (such as servers)?

Due to the nature of the service architecture (use of AWS, etc), parts of this are managed by third parties:

  • Hosting of Commonplace is managed under Amazon’s Shared Responsibility Model.

    • All our laptops are managed by JamfPRO which applies restrictions to the device including removal of administrative rights and limiting available apps for installation.

    • To prevent packages being installed via the Commonplace source code, all new code is subject to peer review and automated testing. Additionally, we use a number of monitoring and reporting tools to detect new libraries and other packages.

    • Only a very limited number of individuals have admin access to our hosting environment.

  • Service to send Emails from Commonplace is managed by Twilio Sendgrid

  • Provision of hosting for Images is managed by Cloudinary