I'm trying to figure out the best approach for our development team, who are requesting the ability to clone production databases to our development environment for debugging and testing purposes. Currently, our developers share a database and a Keycloak tenant with the staging environment. They want to be able to create a new development database based on production, along with a separate Keycloak instance for development. The challenge lies in our various integrations, like Google and Xero, so I'm not sure how this could work or what specific questions I should be asking. Any suggestions?
5 Answers
We have a regular process where we create sanitized dev databases from production data. We exclude sensitive tables and redact critical information to prevent any risk. This way, we mitigate potential issues while having realistic data for testing.
This is a major compliance issue! Cloning production data to non-secure environments can violate several laws like GDPR or HIPAA. Always use mock or anonymized data for your dev environments to stay safe and compliant.
Copying production data directly to development can definitely backfire, especially with compliance risks. If you must proceed, consider creating a sanitized snapshot by masking sensitive information before loading it into the dev environment. That way, you protect user data while still allowing for testing.
Honestly, allowing the cloning of production databases to development environments is a risky move. The ideal approach is to set up proper debugging tools and ways to gather necessary logs to help replicate issues in development without the need for live data.
Exactly, you really put real users at risk by copying production data to dev. Imagine a bug accidentally sending a suspension email to an actual user! It's a disaster waiting to happen.
And it’s not just about security. Even the database schemas might not align perfectly. Developers often need access to work with data, but directly mirroring production can lead to grave mistakes.
I agree, I don't recommend copying production user data for any reason. Instead, you could generate synthetic data to test against. It's safer and often just as effective for development purposes. Plus, a separate Keycloak for development is a good idea to handle future upgrades without issues.

How do you manage changes in the schema if new sensitive data columns are added? That sounds tough!
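One way to handle the schema-drift question above, as an added example that is not part of any post in this thread: the export is driven by an allowlist policy and refuses to run when the production schema contains a column nobody has classified. It assumes SQLite through Python's `sqlite3`; the `POLICY` table, the column names, the salt and the sample row are all hypothetical and constructed for illustration.

```python
import hashlib
import sqlite3

# Hypothetical policy: every column must be classified before it may leave prod.
POLICY = {"users": {"id": "keep", "email": "pseudonymize",
                    "full_name": "redact", "plan": "keep"}}

def pseudonymize(value, salt):
    """Stable one-way token, so uniqueness and joins still work in dev."""
    token = hashlib.sha256(salt + str(value).encode()).hexdigest()[:16]
    return f"user_{token}@example.invalid"

def unclassified_columns(conn, policy):
    """(table, column) pairs that exist in the schema but not in the policy."""
    tables = [r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master WHERE type='table'")]
    return [(t, row[1]) for t in tables
            for row in conn.execute(f'PRAGMA table_info("{t}")')
            if row[1] not in policy.get(t, {})]

def sanitize(src, dst, policy, salt):
    """Copy src into dst under the policy; fail closed on schema drift."""
    missing = unclassified_columns(src, policy)
    if missing:
        raise RuntimeError(f"unclassified columns, export refused: {missing}")
    for table, rules in policy.items():
        cols = ", ".join(f'"{c}"' for c in rules)
        marks = ", ".join("?" for _ in rules)
        dst.execute(f'CREATE TABLE "{table}" ({cols})')
        for row in src.execute(f'SELECT {cols} FROM "{table}"'):
            out = [val if act == "keep"
                   else pseudonymize(val, salt) if act == "pseudonymize"
                   else None  # "redact": the value never reaches dev
                   for act, val in zip(rules.values(), row)]
            dst.execute(f'INSERT INTO "{table}" VALUES ({marks})', out)

def demo():
    """Constructed sample data: one clean export, then one after schema drift."""
    prod, dev = sqlite3.connect(":memory:"), sqlite3.connect(":memory:")
    prod.execute("CREATE TABLE users (id, email, full_name, plan)")
    prod.execute("INSERT INTO users VALUES (1, 'alice@corp.example', 'Alice A', 'pro')")
    sanitize(prod, dev, POLICY, b"constructed-salt")
    exported = dev.execute("SELECT * FROM users").fetchall()
    prod.execute("ALTER TABLE users ADD COLUMN date_of_birth")  # new sensitive column
    try:
        sanitize(prod, sqlite3.connect(":memory:"), POLICY, b"constructed-salt")
        refused = False
    except RuntimeError:
        refused = True
    return exported, refused
```

Running `unclassified_columns` in CI against every migration makes a new column block the export until someone classifies it, instead of leaking by default.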