12.4. Securing the Development Environment
It's quite common for development teams to have fairly loose standards—or no standards at all—for management of the development environment. The development environment and servers should be managed professionally, although usually not to the same standards as the test and production systems. The data on the development servers is often sensitive, as it's drawn from the production source systems. You certainly should secure the hardware and operating system as we've just described, within reason. You should have a policy against, or strict procedures for, granting access to development servers to anyone outside the development portion of the organization.
To ease deployment, make the development machines' security environment similar to the production systems. On the other hand, you don't want to lock down the systems so tightly that the developers will have problems getting their work done.
A common approach is to manage shared development resources fairly well, yet allow developers to create private databases. Institute a change control process for the shared resources, like the relational data warehouse data model. Once other team members are depending on a data model, allow changes only weekly, and require 24 hours advance notice.
Once you've instituted change control on the shared resources, you'll see private databases popping up. That's because some team members, in a sensitive part of their development cycle, really need an unchanging ...
Get The Microsoft® Data Warehouse Toolkit: With SQL Server™ 2005 and the Microsoft® Business Intelligence Toolset now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
