March 6, 2007 at 11:33 am
The title refers more to business processes. Before I rock the boat too much at my company, I am curious to hear what others do. The problem I am wrestling with is how to best manage requests for new databases, user logins, application logins, etc.
Other areas of our IT department have implement formal documented request procedures for even the simplest of changes. Being one who does not care for unnecessary paperwork, I am reluctant to do the same. However, I can see the value in having an auditable trail of requests.
So, let me hear from you DBA's out there. How do you manage the requests for db's, logins, etc?
Gordon
Gordon Pollokoff
"Wile E. is my reality, Bugs Bunny is my goal" - Chuck Jones
March 7, 2007 at 3:36 am
My company has formal documentation requirements for new databses, users, logins, etc. on production servers. Per the policy, all objects must have an owner, so a request for a new database has to name the person owning the database and the data it contains. New user access must be approved by the owner of the data. SQL logins are discouraged, unless required by an application. Requests for new databases for new applications require a risk assessment as well, ensuring the appropriate controls are in place based on the nature of the data, etc. There are certain applications where support analysts are not allowed to see production data at all, due to the sensitivity of the data. This is true for HR data, business planning data, etc.
When in doubt, set up processes that document who owns production data, and who approved access to production data.
March 7, 2007 at 6:02 am
if your company does not have proper change management procedures and software to back it up (i,e remedy) you have a problem. I would not apply ANY change to a production server without a proper, correctly authorised change. You will get it in the neck if there are repercussions from a change made so you are right to insist on proper documentation and an audit trail.
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply