Kbase P125220: How can I restrict developer access to the database without Progress security?
| Autor |
Progress Software Corporation - Progress |
| Acesso |
Público |
| Publicação |
11/3/2008 |
|
Status: Verified
GOAL:
How can I restrict developer access to the database without Progress security?
GOAL:
How to control developer connection to te database without using Progress security.
FACT(s) (Environment):
All Supported Operating Systems
Progress/OpenEdge Product Family
FIX:
The question and the answer is the same here as for other database technologies (not specific to Progess): development tools, by design, allow all features of the product to be exercised, including access to data. If you do not want to implement Progress authentication on the database side (which is not always possible anyway), then your other option is to implement filtering at the network layer. That is, prevent administratively the development environments from being able to connect remotely to the production environments. There would be multiple aspects to this solution:
1. Prevent via network firewalls connections from the development network to the production network.
2. Prevent administratively (and via system restrictions where applicable) the installation of development tools to the production systems, and/or access to the systems to developers.
3. Set up internal procedures to review and test developed code before it is released in production.