Database admins should run regular traces (aka profiles) on all of their database servers. Audit all login/logout events just to be aware of who’s logging into each server, from which machines, and how often.
Today, I caught one of the production application servers logging into a development database server – a bad combination. I checked with the application guys, and sure enough, someone had misconfigured the app server to hit the wrong database server.
Thankfully I caught it before we lost data, but it could have been worse. We could have run a production app on a tiny development database server for weeks, maybe months, without finding out. The only way we’d have found out is by losing data due to the development box going down – which isn’t backed up – and that would have been horribly bad.