I have a client who has SQL admins using WAC to launch backups/restores for their day to day changes, db refresh, devops, pre/post-change backups, etc. outside of the control of backup environment. They developed these procedures without consulting data protection team, storage team, security team. WAC launches scripts from the client server with a generic account, for anyone with access to the client.
In the scheme of things it goes unnoticed when you have ten thousand plus backups running daily. However this causes problems over time with unanticipated storage requirements, retention of nonproduction DBs, failed scheduled backups, etc. Not even going to go into regulatory and audit implications.
I have two camps, one that wants to remove this unapproved use the backup infra for SQL production purposes and another that wants to secure these procedures. Oh the DBAs don’t want any change.
Any thoughts out there in CV land? I wish to remain impartial, but the security aspect is worrisome.
Looking for methods, thoughts, arguments, positions and pros/cons.
Best answer by yan
Digging in has paid off. They use ControlM > WAC > CS. The worst outcome is an adhoc backup blocking the scheduled backup and then both failing. RTO cannot be respected.
Well this process does not pass security sniff test and will be removed.
Thanks for the input.