# Security ## Access to GitHub and deployment environments All GitHub accounts with access to `island-is` need to have two-factor authentication (2FA) enabled. This is enforced at the organization level. ### Gaining write access to the codebase and AWS To join one of the teams at the GitHub organization `island-is`, one of the Delivery Managers needs to request that in the Slack channel #organizational-access-changes. After approval from a representative of Stafrænt Ísland, the GitHub account will be added. ### Team members leaving When a team member is no longer working for Stafrænt Ísland, the Delivery Manager whose team the member belonged to, needs to announce that on Slack channel #organizational-access-changes. DevOps team will revoke the team member's account access to the GitHub org and AWS accounts. ### Periodic review of team members Every month DevOps team will remind the Delivery Managers to review the list of team members that have access to GitHub. In case Delivery Managers discover team members that are no longer working for Stafrænt Ísland, they need to notify DevOps team on Slack channel #organizational-access-changes. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.devland.is/development/devops/security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.