[Owasp-board] Salesforce access

Jim Manico jim.manico at owasp.org
Tue Jan 8 20:08:13 UTC 2013


The SalesForce data is such a sought after trove of information to vendors,
I think it's a good idea to limit access as our full time staff see fit.
And the more our full time staff make operational decisions like this, the
better, IMO.

--
Jim Manico
@Manicode
(808) 652-3805

On Jan 8, 2013, at 5:56 AM, Matt Tesauro <matt.tesauro at owasp.org> wrote:

I, for one, definitely don't want access. When I was working on it in
Montevideo, I realized there was a treasure trove of contact information in
Salesforce (which is great for the foundation) but I didn't want to be open
to any kind of a complaints about me harvesting info out of Salesforce for
my employer aka Rackspace.  I figured giving the employees access keeps a
nice clear line between a ton of contacts/marketing data and someone who's
not 100% OWASP (aka me).  I told Sarah and Kate that if they had technical
issues, they can add me in to address those then take me back out when
whatever is fixed.

@ the CRM project - I kinda figured that was either done or handed over to
the employees.  Kate, Sarah, Samantha and Kelly seem to be using Salesforce
in ever increasing amounts so I'm not sure a project is really needed if
the employees are running things now.  Its awesome that you did that to
begin with as it was desperately needed but now that the foundation has
more employees and they are using Saleforce more and more, I'm not sure its
really needed.

Also, though there is something to "everything is a project", I'm not sure
that having projects that are strictly for OWASP internal consumption
really helps our external audience.  For someone who's not up on day to day
OWASP stuff, that project would seem odd.  I recall that Dinis was a
proponent of everything is a project but I never thought it helped
non-community members much at all.

Matt's 2 cents.

--
-- Matt Tesauro
OWASP WTE Project Lead
http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
http://AppSecLive.org - Community and Download site


On Mon, Jan 7, 2013 at 10:46 PM, Tom Brennan <tomb at owasp.org> wrote:

> Considering I recruited salesforce to donate the platform, they gave us 10
> licenses, I set-up the OWASP project
> https://www.owasp.org/index.php/Category:OWASP_CRM_Project and set-up the
> platform you removed my account without discussing it with me.
>
> Had cycles to work on some items and was unable to volunteer -- time.
>
> I'll call you tomorrow so you can fix it.
>
>
> On Mon, Jan 7, 2013 at 3:54 PM, Kate Hartmann <kate.hartmann at owasp.org>wrote:
>
>> Tom, I received your request to set up a Salesforce account.  As Matt has
>> gone through and reworked some of the security for gmail, wiki, and yes,
>> Salesforce, I would need to understand why the access is necessary, and at
>> what level you feel you need to be set.
>>
>> We (I) have been doing quite a bit of work in the system.  I have some
>> areas that I could use help with (setting up a customer portal), but am not
>> sure why you would just need access.  We have a limited number of user
>> licenses.
>>
>> Kate Hartmann
>> Director
>> +1 301-275-9403
>> Skype:  kate.hartmann1
>>
>>
>
_______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20130108/538808cc/attachment-0001.html>


More information about the Owasp-board mailing list