RE: Protecting production from "us"
From: Iggy Fernandez <iggy_fernandez_at_hotmail.com>
Date: Fri, 4 Dec 2015 08:35:47 -0800
Message-ID: <BLU179-W27882CB71315F639ABAA48EB0C0_at_phx.gbl>
There is a saying that: "future employers benefit from the mistakes of current employees." An employee becomes more valuable, not less valuable, from having made a mistake and learned from it. Ultimately it is management who is responsible for mandating, instituting, developing, and implementing protocols and procedures to prevent this from happening. Depending on the cost of an outage to the company (e.g. NASDAQ, eBay), there are numerous things that can be done to prevent this from happening, from changing the colors on Putty screens, to requiring two people to work together any time there is a need to log into production, to prohibiting and even preventing access to production unless there is an open service request or change request. I have worked at a company where one could not log into production without a one-time-only code. One had to call the support desk to ask for a code. The support desk would ask which ticket I was working on and record that. Iggy
Date: Fri, 4 Dec 2015 08:35:47 -0800
Message-ID: <BLU179-W27882CB71315F639ABAA48EB0C0_at_phx.gbl>
There is a saying that: "future employers benefit from the mistakes of current employees." An employee becomes more valuable, not less valuable, from having made a mistake and learned from it. Ultimately it is management who is responsible for mandating, instituting, developing, and implementing protocols and procedures to prevent this from happening. Depending on the cost of an outage to the company (e.g. NASDAQ, eBay), there are numerous things that can be done to prevent this from happening, from changing the colors on Putty screens, to requiring two people to work together any time there is a need to log into production, to prohibiting and even preventing access to production unless there is an open service request or change request. I have worked at a company where one could not log into production without a one-time-only code. One had to call the support desk to ask for a code. The support desk would ask which ticket I was working on and record that. Iggy
-- http://www.freelists.org/webpage/oracle-lReceived on Fri Dec 04 2015 - 17:35:47 CET