Why developers should not have write access to production sytems

A few years ago I was working for a bill payments company. We were using checkfree's software for our presentation of bills and we wrote our own bill payments engine. The database was MS SQL Server and we were using log shipping to send data from the master to the  backup database server. It was  using EJB 2.0 and batch processing was pretty slow, so I decided to delete all the transaction data from my sandbox database except for the first month's data to test something. The only problem was that I typed the delete command in the sql window connected to the production database.

A few minutes later one of the utility companies called and said they could not see any transactions. My face went red. I actually felt the blood rush to it. I went to the DBA to ask if she could restore the database from the last back up only to find out that they did not know they were to back up that database. So I asked if we could change the backup database server to the become the master only to find out that the transaction logs had already been shipped to that database and that had the same data as the master.

I thought I was definitely going to get fired or go to jail. Fortuanately I found this program called Log Explorer that let me create insert statements for all the transactions deleted before the boss found out. It cost me a couple hundred dollars for a trail version but it was worth it. I checked at www.lumigent.com . They don't seem to make it anymore. Needless to say, I have been very weary of getting write access to anything in production ever since.

All of this could have been avoided if we:

  1. Secured the database server so that only the application could write to it.
  2. Have more than one person look over the plan of what is to be backed up.

 

 

 

This entry was posted in Stupid Things. Bookmark the permalink.

2 Responses to Why developers should not have write access to production sytems

  1. Shrijan says:

    I aclaulty undoubtedly allow what we contain thought. In actual fact, I personally shopped almost everywhere in the other similar article content and so i implement presume you are thoroughly right. Champion utilizing this type of on the net webpage.

    • Fifi says:

      (sorry about the English I’m on a non-hebre friendly phone)It seems you claim that tiohwu the networkmanager-pptp plugin, there is no option to connect to any VPN service even ones that has networkmanager plugins in previous Ubuntu versions, like OpenVPN.I assure you this is not the case I have been using OpenVPN with Ubuntu’s NetwotkManager since at least version 8.10 (I’m not sure about before that my memory doesn’t go far that much).להגיב

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>