Shailesh,

Change the sa password on the server.  Then give the developers access only to what they need via a different identity.  Either a trusted connection via domain security or a different sql user.