Questions and Answers

How do I collect points?

  • +4
    Chosen as best answer
  • +1
    Posted answer
  • +1
    Posted question
  • +1
    Thumb up
  • -1
    Thumb down
2

by Don Garcia in Help Request about November 14, 2011 open - report

Oursourcing

I am considering outsourcing some work but don't want to provide access to our instance for security reasons, disclosure of IP, etc. Has anyone engaged third party developers on that basis where as example you specify that the code be installable using the standard package methods and additionally using a source code/security review to ensure no security issues or back door code is implemented. I.e. best practices, etc.?

Answers: 2  •  Score 1  •  Views: 365

2 Answers
Browse by
  • 94

    by Eugene about November 15, 2011

    If we do custom design or development that requires modification of the code we ask for server access. Also in case clients had problems with installation of our plugins we ask for it too. Often there are permissions settings which are incorrect or some other server related issue. Probably the best way is to have a dev. installation of the same server in some folder. It should not have any additional plugins and you can give access only to it.
    • Score: 0
  • 386

    by Nick about November 15, 2011

    Try to keep all new features in modules if possible. This way you won't need to provide any access. Except of course those modules will require complex setup on your server (for example video setup). I think it's safe to give server access to developers recommended by SocialEngine team.
    • Score: 0
    1 comment
    • Eugene
      by Eugene
      November 15, 2011

      Be very careful about access you provide. In case project is big - access to server is essential. However never give any access to server of SE admin to people you don't know (there is a lot of scammers who promise to fix something for free on your server...  more

You must login to post an answer.