Originally Posted by
Nantonaku
What do you mean? If you have access via an API then you have access to the data. Do we or don't we have access? I'd assume they could easily give us GET permissions and not care what we do with the data as long as we don't make it public. Wasn't that the whole idea of giving ALPA API access? They don't have to allow any kind of Post or Delete access. Nothing about this is an IT security nightmare if properly designed.
One of the excuses the previous MEC chairman used to get rid of Ace was because they couldn't pass ITs test to gain access, at least as I was told by a rep when I raised the red flag on terminating that contract. I don't know enough about IT to have a real opinion here, just what I'm told.
Originally Posted by
AirCoxswain
It's the point where CS usually abandons the coverage ladder, so it's kind of relevant. It's also an easy place to spot the evidence of that if you have API read access to DBMS.
Sometimes, maybe not? They often abandon it well before the GS call goes out. Point is, it doesn't matter if you have an auto accept in to get paid for 23m7