How secure to make the database when hiring a developer?

I have setup a directory on my VPS account for a developer to make use of. It’s a copy of my production site, so if he screws up any of the PHP files I won’t be left in a lurch. The PHP file that contains the mySQL database password is one directory up from what he will have access to when he logs in via FTP.

Should I worry about scrubbing the data in the database? It’s a copy of production, and it basically contains first names, last names, email address, phone, city and state. In other words, nothing overly private like credit card numbers.

All opinions are welcome.

Thank you!

I would recommend to scrub the data, to be on the safe side. It is just a few queries entering random garbage into those field you should update.

In general the risk here depends mainly on the cost of the company/developer you hire. If it is low cost, then copying the customer base might be tempting. If they do it now, then wait a few months before selling the information, there is no way you can track it back to them.

Though, in addition to the risk mentioned above. The larger risk is if they do a mistake, and the code they make send out information to your customers. Either from your system, or if they copy the database, from their local dev server. If this happen, your company takes a hit and lose credibility.

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.