Do you just hand your keys to whoever wants access to your car or your house? Why do so with your database? Just because someone wants to look at ‘your’ data, doesn’t mean you have to let them in without asking a few questions, right?
While the person won’t be driving your car, they’ll be driving data in your database. This could be one of the most important and valuable assets your organization has. Wouldn’t you like to know a bit more about this person before they get behind the wheel?
I know in the real world that this probably wouldn’t fly. Stakeholders in the application expect access to the database, little to no questions asked. Or, if a team lead asks for an account, you better have a darn good reason for saying ‘No.’
But, what if as the DBA, you could interrogate every person ever assigned a login? What would you ask? Or better yet, are you a DBA and you already do this? There are no right or wrong answers to any of my questions. I would probably still give someone an account if they flubbed every single question. But you can be sure that I would be keeping an eye on them. I would also try to find someone in the organization to adopt Mr. or Ms. N00B. Even better, I would ask the person requesting for access what training they were planning on providing this account holder.
What I Want to Know Before You Enter My World
- Have you ever worked with a database before? And by database, I mean Oracle, SQL Server, MySQL, DB2, or Sybase. Do not include experience with MS Access.
- On a scale of 1-10, please rate your comfort level with SQL.
- What will be your primary method for connecting and working with the database? Examples include SQL*Plus, SSMS, Access, etc.
- Explain to me, without using Google, what a Full Table Scan and Cartesian Join mean to you.
- What is wrong with the following query?
SELECT * FROM schema_name.table_name;
- Once you have access to the data, do you intend on extracting it outside the database? If so, do you promise to be held accountable for any secure data you take with you?
- Where do you go for help when you have a question about SQL or the database?
Some US states require Driver’s Ed BEFORE You Get a License
Too often I see users given access to the database before they are given training. Training should be delivered beforehand. It should be offered again a few weeks afterwards once the user has a chance to get their feet wet. And organizations should offer training on-demand when necessary for their employees.
Ok, back to the real world again. Sigh.