Joined: Aug 10, 2010 Posts: 9 Location: Sydney Australia
Posted: Thu Aug 19, 2010 5:36 pm Post subject: Who is allowed Raw Database Access?
Hi guys. In an age where everything is stored electronically, databases drives virtually every aspect of a business. Which is why I believe that this is a particular area Change Managers should be extremely strict about.
In a client of mine, due to the nature of 'urgent fixes', at times Developers are given Production DB access to either,
1) query, simulate the issue or
2) fix it directly QUICK QUICK!
Such practice has eventually given the rise to some of our BAs even having direct access to PROD too!
It is a shocker I know!!!
I often think about the risks involved, as sometimes these changes to the PROD environment do not go through proper CM processes and even though each step taken may be written down somewhere ... there could have been accidental mistakes resulting in enormous cost to recover or fix corrupt data etc, or worst, the organisation very well could have been defrauded through some form of embezzlement un-beknown to them.
As I think about this, I decided to take the step further, even people in Production Support or DBAs at the end of the CM process, even them having direct prod access could be a risk to a business. Often a CR would have been created, gone through the cycles, and then it is up to Prod support to execute the final steps in Prod. Who is to say that they would not do something outside the realms of the CR as they perform the execution?
I think the solution is in Software Automation which is why I have put together my Software. Because Software Automation will be able to track the changes, and even automate the change deployment! Which is what my tool does for DBs.
But I wanted to know from this forum, what are permissible buffers organisations are willing to accept to allow individuals to have direct raw database access?
I have often heard the saying, "If you can't trust them doing the job, you can't trust anyone"... and with Billions of Dollars worth under management... I kind of NOT want to trust anyone. Any thoughts? _________________ Al_RelEZ_Al
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum