Welcome to Amateur Hour
IBM yesterday announced that it is reverting to the pre-y2k licensing model for Lotus Notes whereby everyone would be entitled to the developer client for free. In many ways this is a good move on their part. My first experience beyond the Notes mail client was building a knowledge base for our fledgling software support group back in 1996. I was at an insurance underwriter with 33 different versions of software and no coherent way to collect and share solutions. Lotus Notes was the answer and the development tools were built right in.
So my question to you is this – are you ready for amateur hour? Do you have your servers sufficiently locked down to prevent publishing of unapproved databases? Think about it – it’s not difficult to write some LotusScript or Java code, deploy it to what is thought to be a hardened server, and gain access to the CEO’s mail file. All cleverly disguised as an app based on the discussion template.
My advice is this: Harden the crap out of your server. There should be one, maybe two names explicitly on the server doc allowed to create new databases or new replicas. And you should have a gong. Set up a gong in your little area and make a game out of publishing requests. Have the requesters come demonstrate their apps to you (you do have a separate development environment, right?). And dance around with a mallet. For better instructions, watch this video clip and you’ll see the band’s day end at the 57 second mark with the gonging.
Just an idea. Have fun and be safe out there, kids.