How do you get buy-in from the IT team around R package security concerns? [Excel -> R Meetup Q&A]

A Question from Meetup: Making the Shift from Excel to R: Perspectives from the back-office

Smita: I have a really hard time convincing the security team about package security and every package they want to analyze, but they don’t necessarily know R. How do you do that?

  • Mandip: I had a similar type situation, I tried to stick with the tidyverse initially. My team looked through it, I sent them some resources from RStudio and they were okay with it. Maybe someone else wants to weigh in as well?

  • Rachael: I know we all have different use cases and approaches here but as Tony has mentioned, we have RStudio Package Manager where a team could have their own repo of all the packages that you use across the organization installed behind your firewall

  • @kellobri We have lots of folks internally here who would be more than happy to have conversations and answer any questions with your team. We also have a security group here at RStudio who can help vet our professional products with your security team. The packages themselves are not something that we at RStudio control but as Rachael mentioned, we do have the Package Manager which can give you some curated sets of packages if you care to validate which packages you’re actually allowing for usage in various development environments or in your production environment. There are a bunch of different strategies that we can help walk you through that are great options for getting into the world of open source data science and [package management. Those can be very open in development and very locked down in production, so there are lots of different approaches there.

  • Rachael: A lot of the questions today are around very different topics, so if anyone wants to dive deeper into their specific questions with our team, I’m happy to help set that up as well. (feel free to message me here on community as well)

  • Rachael (in chat): Helpful webinar for conversation on packages: Managing Packages for Open Source Data Science - RStudio