DBA Concerns

  • Steve Jones - SSC Editor (3/10/2011)


    This also typically violates the SOX rules of separation of duties. I don't agree with developers having access to production by default. There are security issues, privacy issues, etc. If you are of any size, you ought to have separate people looking at things. Or automatically be restoring last night's backup to a QA type server to check on production issues.

    That's the difficult part when moving from being a small company with 3 or 4 developers who do everything to becoming a larger one with people becoming more specialized. It's something we're going through at the moment though, so discussions like this are helpful.

  • I would hope that the poll would show differently for SQL Server DBAs. DBAs should have a handle and some knowledge of the security surrounding the data for which they are custodians.

    Jason...AKA CirqueDeSQLeil
    _______________________________________________
    I have given a name to my pain...MCM SQL Server, MVP
    SQL RNNR
    Posting Performance Based Questions - Gail Shaw
    Learn Extended Events

  • CirquedeSQLeil (3/10/2011)


    I would hope that the poll would show differently for SQL Server DBAs. DBAs should have a handle and some knowledge of the security surrounding the data for which they are custodians.

    I think that would depend on two things.

    1) How do you define a DBA? Are we talking sysadmin production DBAs, developmental DBAs, or ETL DBAs? Only one of those three is going to be involved in the care of the backups and recovery methods.

    2) What exactly are you going to poll? Encryption type security or Recoverability and integrity security? The need for the latter far outweighs the needs of the first.


    - Craig Farrell

    Never stop learning, even if it hurts. Ego bruises are practically mandatory as you learn unless you've never risked enough to make a mistake.

    For better assistance in answering your questions | Forum Netiquette
    For index/tuning help, follow these directions. | Tally Tables

    Twitter: @AnyWayDBA

  • Our organization is in development. So a development lead/mgr dictates production operations, basically just drop anything that a production DBA handles, give what the dev lead says, bending backwards.

    Hmmm, this protocol works very well for Microsoft shops. We all know that later SQL Server versions are developer friendly, meaning a C# and .NET developer can write CRUD and server configurations in .NET and manage production databases. I believed it when I saw it. So where is data protection/data encryption?

    Why it is not possible to encrypt:

    1. Let's say you have a third party tool to encrypt sensitive data in production; you will have to install the encryption tool to troubleshoot in development.

    1a. SQL Server encryption, for troubleshooting, you will give the master key to devs.

    2. Most of the dev shops depend on Microsoft products; either today or tomorrow, devs will become sysadmins of production databases.

    It is good that someone addresses/is concerned about these.

    Thanks.

  • CirquedeSQLeil (3/10/2011)


    DBAs should have a handle and some knowledge of the security surrounding the data for which they are custodians.

    I absolutely agree; however, as pointed out in my first post, if management circumvents that, where do you go from there? :-D

    "Technology is a weird thing. It brings you great gifts with one hand, and it stabs you in the back with the other. ...:-D"

  • Brilliant! This was the perfect followup to the other editorial you wrote on what acceptable data loss is and the cost of protecting data at different levels. Thanks, Steve.

    --Jeff Moden


    RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
    First step towards the paradigm shift of writing Set Based code:
    ________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.
    "Change is inevitable... change for the better is not".

    Helpful Links:
    How to post code problems
    How to Post Performance Problems
    Create a Tally Function (fnTally)
    Intro to Tally Tables and Functions
