Comment by toomuchtodo

* Local env setup docs should have no production creds in it (EDIT: production creds should always be encrypted at rest)

* new dev should only have full access to local and dev envs, no write access to prod

* you're backing up all of your databases, right? Nightly is mandatory, hourly is better

* if you don't have a DBA, use RDS

That'll prevent the majority of weapons grade mistakes.

Source: 15 years in ops