Re: Back and a Question

  • From: rjamya <rjamya@xxxxxxxxx>
  • To: dbvision@xxxxxxxxxxxx
  • Date: Thu, 17 Aug 2006 07:23:15 -0400

But here is the bottom line: completely disabling production access isn't
possible in all cases. We, for example, get data twice daily from a company that
shall remain unnamed (for obvious reasons). That data contains TV ratings,
and occasionally something is screwed up in their data that requires the
responsible developer to go in and do manual cleanups, because the data load
is extremely complicated and causes various aggregations to happen
automatically. Or there is this overseas company that changes data format
without telling any of their clients; that was a lot of fun.

Now one might say, you can do this in test and if successful then load into
prod, but our end users know the time when this data becomes available in
the company, and if they can't access it in the next 15 minutes, they pick up the
phone and start yelling. It is a business requirement because they need to
generate daily reports for people who pay their salary and make major
decisions on rates/ratings etc.

And then again there is the lesser known phenomenon called
"it-didn't-happen-on-my-watch" whereby (oxymoron warning) a perfectly
developed and tested application breaks down in production when
1. Tiger Woods is on the 12th hole and in exactly 72 hours there is a Full
Moon
or
2. when DHS raises the security alert to Mauve.

In these certain types of conditions we let developers shadow a user's session,
but occasionally their managers let them into production as well. But since
they all know that we audit all their actions, no one does any mischief;
at least none so far, and they are pretty happy with the way things have been
set up. And they only get access to production with limited privileges to
their own accounts, either using the application or using sqlplus. No other
GUI tools are allowed.

AFAIK, developers' production access is NOT against SOX; it is just that when
you put a control in, you document it, follow it, and audit it to show that you
did everything you said you would. You know, auditors don't know everything
about all businesses. If an old dog can be taught a new trick, so can
auditors 8:)

A friend of mine works for a financial company (not on Wall Street);
their developers have read-only access to production every day, because they
found out that it helped them get issues fixed quickly.

Raj

On 8/17/06, Nuno Souto <dbvision@xxxxxxxxxxxx> wrote:


Narh.  Knock up a coupla screens in htmldb or other similar RAD tool,
let them access data through an application interface, using a
given uid and "canned" sql.  Audit every last breath of that id.

Last thing you want is a developer loose in a production system
with sqlplus or worse: sqlnavigator or some such development tool.

Or worse: an "educated" user with a tool like Toad or sqlnavigator:
what stops that user from taking the entire schema, sql and pl/sql
code and everything else easily available to their next job at
one of your competitors?  Ah yes: ethics?  Sure!...
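The control Raj describes (a developer's own account with limited privileges, sqlplus only, every action audited) and Nuno's "audit every last breath of that id" can both be put in place with standard Oracle statement auditing plus a logon trigger. The following is an added example written for this page, not code from either poster or from the list. The account name DEV1, the schema RATINGS, the table DAILY_LOAD and the trigger name are assumptions for illustration; the statements are Oracle 10g-era syntax, run as a DBA account that holds a direct `SELECT ON sys.v_$session` grant (a role grant is not enough for PL/SQL compilation).

```sql
-- Added example, not from the thread. Assumed names: DEV1, RATINGS.DAILY_LOAD.
-- Run as a DBA with a direct grant of SELECT ON sys.v_$session.

-- 1. Least privilege: the developer's own account, able to connect and to
--    touch only the table the manual cleanup needs. No CREATE/ALTER/DROP,
--    no SELECT ANY TABLE, nothing via a shared application account.
CREATE USER dev1 IDENTIFIED BY dev1_initial_pw PASSWORD EXPIRE;
GRANT CREATE SESSION TO dev1;
GRANT SELECT, UPDATE, DELETE ON ratings.daily_load TO dev1;

-- 2. Keep the audit trail in the database and capture the SQL text of each
--    audited statement (DB_EXTENDED). Takes effect after a restart.
ALTER SYSTEM SET audit_trail = DB_EXTENDED SCOPE = SPFILE;

-- 3. Audit everything DEV1 does, one row per statement (BY ACCESS), not one
--    row per session. ALL covers the statement shortcuts (sessions, DDL);
--    the object-level statement options must be named separately.
AUDIT ALL BY dev1 BY ACCESS;
AUDIT SELECT TABLE, INSERT TABLE, UPDATE TABLE, DELETE TABLE BY dev1 BY ACCESS;
AUDIT EXECUTE PROCEDURE BY dev1 BY ACCESS;

-- 4. Refuse anything but sqlplus for the developer accounts.
--    Caveat: V$SESSION.PROGRAM is reported by the client and can be faked,
--    so this enforces the "no GUI tools" policy but is not a security
--    boundary; the audit trail and the grants above are the real control.
--    Also: a failing logon trigger locks out everyone except users holding
--    ADMINISTER DATABASE TRIGGER, so test it from a second session first.
CREATE OR REPLACE TRIGGER restrict_dev_tools
  AFTER LOGON ON DATABASE
DECLARE
  v_program  v$session.program%TYPE;
BEGIN
  IF SYS_CONTEXT('USERENV', 'SESSION_USER') IN ('DEV1') THEN
    SELECT program INTO v_program
      FROM v$session
     WHERE audsid = SYS_CONTEXT('USERENV', 'SESSIONID')
       AND ROWNUM = 1;
    -- sqlplus reports as 'sqlplus.exe' on Windows, 'sqlplus@host (TNS ...)' on Unix
    IF UPPER(v_program) NOT LIKE 'SQLPLUS%' THEN
      RAISE_APPLICATION_ERROR(-20001,
        'Only sqlplus is permitted in production for this account: ' || v_program);
    END IF;
  END IF;
END;
/

-- 5. What the DBA reviews after a cleanup window: every statement DEV1 ran,
--    whether it succeeded (RETURNCODE = 0) and the exact SQL text.
SELECT timestamp, action_name, owner, obj_name, returncode, sql_text
  FROM dba_audit_trail
 WHERE username = 'DEV1'
   AND timestamp > SYSDATE - 1
 ORDER BY timestamp;
```

The point of BY ACCESS with DB_EXTENDED is that the record the auditors see is the actual UPDATE or DELETE the developer typed, not just "DEV1 logged in at 07:23"; that is what lets you show you followed the control you documented. The logon trigger is there to enforce the stated policy, but since the program name is client-controlled, the thing that actually stops mischief is the narrow grant list and the knowledge that every statement is on record.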
