Generally, it is pretty bad practice to copy production data to any other network. You would most definitely not pass a SaaS 70 audit if they found that you were doing it. You would also not pass the same audit if they found that all of your developers had direct access to that data without going through permission granting hoops.
That said, you may not have a need to worry about it if your data isnt really that sensitive in the first place. In which case, I think domain authentication would be the better way to govern the access. When people leave or contracts expire, the removal of their domain accounts would cover removing the DB access. Otherwise, you may find yourself managing the accounts individually for everything or changing the password every time someone leaves. Another option, which Russ mentioned, is scrubbing the data before copying it down to the dev network. Of course, you'd want to do that on the production network BEFORE copying it down to the other network. I have seen people do the scrubbing AFTER the move... which is kind of pointless. Just some things to think about. .:.:.:.:.:.:.:.:.:.:.:. Bobby Hartsfield http://acoderslife.com http://cf4em.com -----Original Message----- From: Brook Davies [mailto:cft...@logiforms.com] Sent: Saturday, January 28, 2012 4:02 PM To: cf-talk Subject: Best Practice question about database access between Dev and Production Servers Hello, I'm setting up a new environment and I would like to have the ability, through a web UI to copy objects from our production database (separate server) to a development/debugging database (separate server). My question is not about how to implement this but rather whether this is bad practice. It would involve exposing the production database on the dev server (via a datasource mapping in the cfadmin). This would mean that any developer that is using our dev server (my concern is contractors..) would be able to write a query against the production database and potentially download sensitive data. How to people handle this type of risk? One idea I had was to not hardcode the database username/password in the CFadmin and instead prompt for it when accessing this specific tool through the web UI. Does that sound like a reasonable means of protecting the data in the production database from developers working on the development server? Anybody have better ideas? Brook ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:349661 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm