Skip to main content

How to Review SQL Changes?

Since the popularization of databases in the 1970s, DBAs have continuously encountered various database management challenges, the most prominent of which may be the risks brought about by changes to the core database by developers in their daily tasks. As data changes to databases are a very common task, almost all developers will be involved in modifying the structure and content of the core database. If enterprises lack effective data security solutions, it can lead to a series of serious problems, such as:

  • Deleting the database and running away: There is no worse situation than this. The author knows of several actual incidents, such as an employee of a large real estate agency who logged into the financial system and deleted all financial data, directly affecting the salary distribution of the company's personnel; another example is a cloud-based commercial marketing solutions group company, whose entire database was deleted, resulting in a loss of hundreds of millions for the group. There are countless such incidents, and no one can predict what will happen tomorrow. Without a comprehensive strategy, disaster may strike.

    rm-rf/*

  • Data leakage: If the company is my home, then there is no doubt that business data is the family's vault, as it contains a large amount of sensitive information, such as personal identity information of customers, financial data, and business secrets. If there is no data security solution, it is undoubtedly that my home's door is always open (refer to Sony's annual data leakage incident). Once data leakage occurs, the company is not the only one that suffers, but the customers will also have a hard time. The legal responsibilities and reputation issues that arise are not something all companies can bear.

Therefore, before the actual application of SQL changes to the database, the review of SQL has become a crucial task, ensuring that changes to the database structure and data are reasonable, safe, and compliant with standards.

Here, I would like to highly recommend a database management product: NineData SQL Task.

This is an effective solution for reviewing SQL changes, providing a series of comprehensive standards and approval processes, setting up multiple checkpoints for each change SQL, including system pre-checks based on intelligent algorithms, as well as multi-level approval functions.

A Brief Introduction to NineData SQL Task

SQL Task is a feature launched by NineData for database management, aiming to achieve secure control and change management of the target data source, with the following powerful capabilities:

  • Pre-made over a hundred SQL review standards: The NineData platform provides complete library table structure definition standards, index standards, etc., to help all developers within the company standardize the use and change of the database.

  • Scheduled SQL automatic execution: SQL Task allows users to set up scheduled execution of SQL operations, thereby automatically completing a series of database change tasks. It helps to improve efficiency, especially for repetitive and planned tasks.

  • Enterprise collaborative data change: The SQL Task feature supports multi-user collaboration in data changes. Through approval processes and permission management, different team members can submit, approve, and execute SQL tasks in an orderly manner, ensuring orderly changes and avoiding conflicts and errors.

  • SQL permission verification: SQL Task has a permission verification mechanism, and only users with sufficient permissions can submit and execute SQL tasks, preventing unauthorized operations and strengthening access control to the database.

  • Approval process linkage: The SQL Task feature integrates the approval process to ensure that the submission and execution of SQL tasks are subject to multi-level approval. This linked approval process can provide an additional layer of security in change management, ensuring that changes are traceable.

  • Automatic data backup: Before making changes to the target data source through SQL tasks, the system will automatically back up the data that is about to be changed and retain it for 7 days. Within 7 days, you can download the backup at any time and restore the data to the state before the change, which is equivalent to providing a safety barrier for the data, no longer fearing data security issues.

  • Rollback plan filling: With the continuous improvement of enterprises' requirements for data security and compliance, the data rollback plan has become indispensable. Therefore, we provide an entry for filling in the rollback SQL, which will be permanently recorded in the current SQL task. It can be viewed and rolled back at any time when data problems occur.

To make it more clear, let's briefly demonstrate the capabilities of SQL tasks

  • Step one: Disable the SQL Console change capability of the production database

    iShot_2023-11-23_18.30.03

    After closing, try to execute change statements in the SQL Console, the statements are intercepted and cannot be executed.

    exec_intercepted

  • Step two: Publish changes through SQL tasks

    iShot_2023-11-23_18.55.52

    To demonstrate the overall process of SQL tasks, the screen recording is configured with a single-level approval. According to actual needs, the approval process can be flexibly configured, requiring SQL tasks to go through multi-level approvals before execution, ensuring that each change is properly reviewed and authorized.

  • Step three: Approve SQL tasks

    iShot_2023-11-23_18.58.55

    Here, you can reject or approve SQL change requests according to the actual situation.

Epilogue

Since the company introduced the NineData product, several positive changes have occurred.

The most obvious change is that due to the pre-audit mechanism of SQL tasks, I, who used to be the scapegoat, have been completely liberated. The potential risks that database changes may bring have put a lot of pressure on me, making me look old and haggard at a young age, but now my hair is not falling out, I am more energetic, and my confidence is back. Just not long ago, a new programmer in our company, due to unfamiliarity with the business, wanted to add a field to the table, and his operation was to DROP the original table. Fortunately, it was intercepted by the SQL task, otherwise, I, as a DBA, would have to pack up and leave.

Then, the multi-level approval mechanism of NineData SQL tasks has brought more efficient guarantees for our team collaboration. In the past, due to unclear responsibilities for changing SQL, it often led to poor communication and chaotic approval processes. Now, not only is the approval process more transparent and accurate, but it also improves the efficiency of team collaboration. The person in charge can also more clearly understand the specific content of each SQL change, reducing misunderstandings and errors.

Finally, I highly recommend this product. If you also want to be young and handsome like me, then trust me, it's definitely right!