Kyrilluk (5/26/2015)
It would be nice to have this scientific method to all the blab about security as well. Like "I shouldn't give the sysadmin password to the developers because of security risk". How do you quantify this security risk? Using what research? Usually DBA use "good practice" and other B.S. to cover their own ignorance but then are very keen to ask others to give "proof" of what they say.
Are you talking about granting developers sysadmin membership in development or production?
There is plenty of evidence out there suggesting that granting non-DBA users sysadmin access to production results in data loss and security breaches.
"Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho