Security considerations for DevOps Plan

You can take actions to ensure that your installation is secure, customize your security settings, and set up user access controls. You can also ensure that you know about any security limitations that you might encounter with this application.

File attachments

DevOps Plan does not perform any virus scanning for attachments prior to upload. It is the responsibility of the user to ensure that files that are uploaded to DevOps Plan are virus free.

Setting up user roles and access

  • DevOps Plan manages the change management records of an organization, department, or project in a database called the Application.
    • The best data isolation is provided by having a different application on a per-project or per-organization basis. User access to the application can be granted to control who can access the data in a database. DevOps Plan references to data records do not traverse across applications.
    • DevOps Plan provides a highly customizable system for controlling who can perform which action by using hooks. Hooks are entry points, like triggers, for scripts that run at specified times to control how users work in a DevOps Plan environment. Action access-control hooks can control who has permission to change record values. Field access-control hooks enforce access permissions that permit only the user groups that you specify to change field values. For more information, see Hooks.
  • DevOps Plan provides the User Administration tool for adding users and user groups, which controls access to DevOps Plan applications. Users and groups are then subscribed to a specific application.This subscription allows control over which users can access an application. For more information, see Working with users.
  • You can grant privileges to users to perform certain restricted operations in DevOps Plan. The Super User privilege grants all capabilities. The Super User can then grant other users their privileges. For more information, see User privileges.

Privacy policy considerations

Depending on the configurations that are deployed, this software offering uses cookies that might contain personally identifiable information. For information about this offering's use of cookies, see the Notices

Security limitations

DevOps Plan continuously enhances the security aspects of its components and remedies issues that are encountered. Plan to upgrade to the latest releases of DevOps Plan when they are available because these releases might contain security enhancements or corrections. Monitor the DevOps Plan security flash bulletins for security alerts and information about actions to perform.