Why do so many teams still have permanent production DB access?
Disclosure: I’m part of the team building a database governance platform called DataGuard.
Across engineering teams, we kept seeing the same operational problems repeat:
- permanent production database access
- schema changes happening through Slack + terminal sessions
- audit visibility scattered across multiple systems
- support teams having broader customer-data access than necessary
- production credentials living in
.envfiles
One thing we’ve learned while working on this space:
Most database security problems are actually workflow and operational-governance problems.
Curious how teams here currently handle:
- production DB access
- schema approvals
- audit readiness
- secrets rotation
- PII masking
Especially interested in how larger teams handle temporary production access and auditability without slowing engineering down.
u/prem-devops — 7 days ago