Dev Access To Prod + A Lack of Backups = Big Problem
A Reddit poster called “cscareerthrowaway567” shared this tale of IT woe earlier this week.
“I was basically given a document detailing how to set up my local development environment…. which involves run a small script to create my own personal DB instance from some test data.
After running the command I was supposed to copy the database url/password/username outputted by the command and configure my dev environment to point to that database. Unfortunately instead of copying the values outputted by the tool, I instead, for whatever reason, used the values the document had.
Unfortunately, apparently those values were actually for the production database (why they are documented in the dev setup guide i have no idea). Then from my understanding that the tests add fake data, clear existing data between test runs, which basically cleared all the data from the production database.”
- It’s bad enough to accidentally delete your company database.
- It’s really bad to do it on your first day on the job.
- It’s really, REALLY bad that a new employee document had url/username/password information for a Production environment
- And it’s just plain terrible to be threatened with legal action (as he eventually was).
To view cscareerthrowaway567’s post, visit
A great number of Reddit commenters voiced support and pointed out the system-level flaws that led to the IT disaster.
From the outside, it appears this problem would have been avoided by
- Keeping Dev out of Prod environments.
- And by instituting a robust Role-Based Access Control (RBAC) management system.
- And Backups!
RBAC, like that found in Orca not only controls who can “do” and “approve” important software configuration changes to middleware and databases, it even restricts who can “view” environments as designated by administrators. Orca also helps backup and restore production-level configs.
This incident highlights yet again that while collaboration between Dev and Ops is great, we also need central, secure change control over middleware and database environments.