We are looking into some of the measures needed to comply with the new Dutch legislation on Data-leaks. Q1) Is it possible to to have ALL actions on the production environment that have to do with a) deploying to Prod b) back-up and recovery actions to be subject to a two-person-authentication ? Q2) How would you go about setting up MxAdmin / Security to comply with the restriction that it may NOT have any access to actual data in the App. Most specific, how can you create enough insight/reporting to satisfy the App-owner?
Lex van Rooy
I can't answer number 1. For number 2, we frequently create a role just for the MxAdmin account, which only has the ability to create a regular "admin" user.
As to question 1: no that's not possible at the moment.
You could possibly fulfil this requirement by having one person know the password and the other owning the two-factor authentication?