I’ve been in this field for almost 15 years, and I don’t think I’ve ever seen two companies handle this the same way Some other places just hand out just-in-time database access with short-lived credentials, others rely on rigid role-based permission, and others go all in on anonymized data dumps or shadow environments to avoid prod access altogether What’s your go-to when it comes to giving access to engineers to access production applications and such? How do you balance velocity with security/compliance?