- Make sure you have a backup!
- And by that I mean a fresh backup, made just now, not an idea that there may exist a person who knows where a backup is stored!
- Make sure you can restore from the backup!
- And by that I mean that you have tested the restore procedure. On the backup that you have just created. And that you have tried accessing restored backup with the program that usually operates on it!
- Don’t type any SQL commands. Use only scripts/programs that were previously tested on a development/test database.
- And by that I mean tested by yourself, not by a fictitious somebody who may have tested a script three years before on a database used by a completely different program!
- Don’t modify production database!
- And by that I mean DON’T MODIFY PRODUCTION DATABASE!
Pages
▼
What happens ... your nuclear-plant application crashed as Fukushima did?
ReplyDelete;)
Or simply just start using LiquiBase and stop worring!
ReplyDeletehttp://www.liquibase.org/
--
fabio vitale
IGuzzon, nah, nothing like that. I was training, listening to podcasts and this just popped into my mind. I should probably tag it with subconsciousness_at_work.
ReplyDeleteYou forgot rules 9 and 10 (10 rules make a better number than 8 if you need to be above 7; there's a famous precedent):
ReplyDelete9. DON’T MODIFY PRODUCTION DATABASE!
10. DON’T MODIFY PRODUCTION DATABASE!
:)
@François, 8 is such a nice round number :) (and a title was meant as a TV series reference).
ReplyDeleteThe fear of changes is what makes hackers' job easy. People don't upgrade and patch, and vulnerabilities stays there waiting to be exploited. Of course changes must be planned and properly managed, but there should be not any fear of them. People should start to fear about what happens *if they don't upgrade and patch*. If maybe ten years ago the say "if it works don't change it" could have sometimes been true, today it's "if you don't patch it will be exploited". And a good backup is useful not only when upgrading...
ReplyDeleteA related set of rules, called the DARN Principles, learned from experience:
ReplyDeletehttp://www.emetra.no/FastTrak/Help/index.html?the_darn_principles.htm
@LDS : vendors even publish the weaknesses
ReplyDelete@gabr: have you ever told this to a business user ? they only ever work on production databases (except for testing)