Re: Back and a Question

  • From: Nuno Souto <dbvision@xxxxxxxxxxxx>
  • Date: Thu, 17 Aug 2006 23:07:31 +1000

rjamya wrote, on my timestamp of 17/08/2006 9:23 PM:

> But here is the bottom line, completely disabling production access isn't possible in all cases. We for e.g. get daily twice data from a

Completely disabling production access would probably result in it not being called, well, "production"? ;-)


> into prod, but our end users know the time when this data becomes available in the company. And if they can't access in next 15 minutes, they pick up the phone and start yelling. It is a business requirements


No one said end users shouldn't be allowed to use data.
The issue is: why is it needed for *developers* to
access that data other than through the application
interface itself?  If the end users can't get to it
without first the developers getting to the data, then
something is wrong at the application level: nothing to do
with securing this or that.


> In these certain types of conditions we let developers shadow user's session but occasionally their managers let them in production as well.


That is fine, under appropriate control. Let's not confuse emergency
situations, where immediate action is needed by someone with
application knowledge, with general access to production by developers:
the two are not the same nor should they meet.


> A friend of mine works for a financial company (not on Wall Street), their developers have read only access to production every day, because they found out that, that helped them get issues fixed quickly.


Very dangerous.  One thing is access when needed, another thing
is permanent access - be it read only or whatever - just
because it is "convenient".


--
Cheers
Nuno Souto
in sunny Sydney, Australia
dbvision@xxxxxxxxxxxx
--
//www.freelists.org/webpage/oracle-l

