Create an account Home  ·  Topics  ·  Downloads  ·  Your Account  ·  Submit News  ·  Top 10  
· Home
· Content
· Feedback
· News
· Search
· Statistics
· Surveys
· Top
· Topics
· Web Links
· Your_Account


The five ITIL books can be obtained directly from the publisher's website:

Or as downloadable PDFs: HERE

Current Membership

Latest: edadag
New Today: 40
New Yesterday: 70
Overall: 230497

People Online:
Visitors: 126
Members: 0
Total: 126



Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Related Resources

Service related resources
Service Level Agreement

How to set up
IT Change Management
Process Info-Graphic

NOTE: ITIL is a registered trademark of OGC. This portal is totally independent and is in no way related to them. See our Feedback Page for more information.


Select Interface Language:

Please contact us via the feedback page to discuss advertising rates.

The Itil Community Forum: Forums

ITIL :: View topic - Who is allowed Raw Database Access?
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Who is allowed Raw Database Access?

Post new topic   Reply to topic    ITIL Forum Index -> Change Management
View previous topic :: View next topic  
Author Message

Joined: Aug 10, 2010
Posts: 9
Location: Sydney Australia

PostPosted: Thu Aug 19, 2010 5:36 pm    Post subject: Who is allowed Raw Database Access? Reply with quote

Hi guys. In an age where everything is stored electronically, databases drives virtually every aspect of a business. Which is why I believe that this is a particular area Change Managers should be extremely strict about.

In a client of mine, due to the nature of 'urgent fixes', at times Developers are given Production DB access to either,
1) query, simulate the issue or
2) fix it directly QUICK QUICK!

Such practice has eventually given the rise to some of our BAs even having direct access to PROD too!

It is a shocker I know!!!

I often think about the risks involved, as sometimes these changes to the PROD environment do not go through proper CM processes and even though each step taken may be written down somewhere ... there could have been accidental mistakes resulting in enormous cost to recover or fix corrupt data etc, or worst, the organisation very well could have been defrauded through some form of embezzlement un-beknown to them.

As I think about this, I decided to take the step further, even people in Production Support or DBAs at the end of the CM process, even them having direct prod access could be a risk to a business. Often a CR would have been created, gone through the cycles, and then it is up to Prod support to execute the final steps in Prod. Who is to say that they would not do something outside the realms of the CR as they perform the execution?

I think the solution is in Software Automation which is why I have put together my Software. Because Software Automation will be able to track the changes, and even automate the change deployment! Which is what my tool does for DBs.

But I wanted to know from this forum, what are permissible buffers organisations are willing to accept to allow individuals to have direct raw database access?

I have often heard the saying, "If you can't trust them doing the job, you can't trust anyone"... and with Billions of Dollars worth under management... I kind of NOT want to trust anyone. Any thoughts?
Back to top
View user's profile Send e-mail Visit poster's website
Senior Itiler

Joined: Sep 16, 2006
Posts: 3595
Location: London, UK

PostPosted: Thu Aug 19, 2010 5:48 pm    Post subject: Reply with quote


Quit doing sales in this forum. You have already posted more than once about your application.


This can be easily controlled by proper ITIL oriented, SOX oriented, CoBIT orient Change Management and Release Management process

Instead of tryign to sell them a tool, have them change their processes so things like this does not happen

It does not happen where I am or have been as this is the first thing I try to control
John Hardesty
ITSM Manager's Certificate (Red Badge)

Change Management is POWER & CONTROL. /....evil laughter
Back to top
View user's profile
Senior Itiler

Joined: Oct 19, 2004
Posts: 173

PostPosted: Thu Aug 19, 2010 6:15 pm    Post subject: Reply with quote

I have edited his post and a final warning has been sent. Some vendors never seem to get that this sort of thing actually damages them rather than helps them.
Back to top
View user's profile
Display posts from previous:   
Post new topic   Reply to topic    ITIL Forum Index -> Change Management All times are GMT + 10 Hours
Page 1 of 1

Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Powered by phpBB 2.0.8 © 2001 phpBB Group
phpBB port v2.1 based on Tom Nitzschner's phpbb2.0.6 upgraded to phpBB 2.0.4 standalone was developed and tested by:
ArtificialIntel, ChatServ, mikem,
sixonetonoffun and Paul Laudanski (aka Zhen-Xjell).

Version 2.1 by Nuke Cops 2003

Forums ©


Logos/trademarks property of respective owner. Comments property of poster. Rest 2004 Itil Community for Service Management & Foundation Certification. SV
Site source copyright (c)2003, and is Free Software under the GNU / GPL licence. All Rights Are Reserved.