Educause Security Discussion mailing list archives
Re: using live Production as sandbox for training
From: Cal Frye <cjf () CALFRYE COM>
Date: Fri, 30 May 2008 12:00:46 -0400
Melissa wrote:
Can anyone provide ANY insight as to the pros and cons of using a live production system for training instead of creating a seperate sandbox environment?
A further comment for the wider audience: I might grant one exception: The data is real, but not yet in production (you've just purchased the product, the data conversion has been done, and training is to get folks started). Then training can take place, and the environment wiped and reloaded when ready to begin production. No training exercise then alters the live data, but live data is used for example. Even then, you risk exposing sensitive data. What if the training class contains folks from HR, Financials, and Academic departments? An exercise could display salary or health information to trainees not authorized to see it, if you're using production data. It's worth the trouble to create a test database with totally bogus data, that way no risk of data exposure exists. -- Regards, -- Cal Frye, Network Administrator, Oberlin College www.calfrye.com, www.pitalabs.com "Little strokes fell great oaks." --Benjamin Franklin.
Current thread:
- using live Production as sandbox for training Melissa (May 30)
- <Possible follow-ups>
- Re: using live Production as sandbox for training Cal Frye (May 30)
- Re: using live Production as sandbox for training Theresa Semmens (May 30)
- Re: using live Production as sandbox for training Doug Markiewicz (May 30)
- Re: using live Production as sandbox for training Cal Frye (May 30)
- Re: using live Production as sandbox for training Ardoth Hassler (May 30)
- Re: using live Production as sandbox for training Kevin Shalla (Jun 02)
- Re: using live Production as sandbox for training Cal Frye (Jun 02)