Only you know how confidential your data is.
You don't have to grant read access to everything.
Another option which I've seen on some sites is they have a support instance which is refreshed nightly overnight and any sensitive data is obfuscated or removed as part of the post-clone scripts. Sure, it's 24 hours behind, so again it depends on how important this is.
Or you can create views atop the particularly secure data and mask the sensitive bits if possible. Then grant read on those instead. Bear in mind though as soon as you change your data, whether in views or physically, things are going to be different. Row-widths, low and high values, etc etc...
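The masked-view approach from the reply above, sketched in Oracle SQL as an added example that is not part of the original thread. The schema, table, column, role and user names (`hr_owner`, `employees`, `support_ro`, `support_user`) are hypothetical, and the role and user creation assume a DBA session.

```sql
-- Hypothetical names throughout; national_id and email are assumed VARCHAR2.
CREATE OR REPLACE VIEW hr_owner.employees_masked_v AS
SELECT employee_id,
       department_id,
       hire_date,
       -- Show only the last four characters, pad the rest with '*'.
       -- Values shorter than four characters come back as NULL.
       LPAD(SUBSTR(national_id, -4), LENGTH(national_id), '*') AS national_id,
       -- Hide the local part of the address, keep the domain for troubleshooting.
       REGEXP_REPLACE(email, '^[^@]+', '*****') AS email,
       -- Expose a band instead of the exact salary.
       CASE
         WHEN salary < 50000  THEN '<50k'
         WHEN salary < 100000 THEN '50k-100k'
         ELSE '100k+'
       END AS salary_band
FROM   hr_owner.employees;

-- Read-only role that can see the view but never the base table.
CREATE ROLE support_ro;
GRANT SELECT ON hr_owner.employees_masked_v TO support_ro;
-- On 12.1.0.2 and later, GRANT READ can be used instead of SELECT;
-- READ does not allow SELECT ... FOR UPDATE, so the account cannot lock rows.
GRANT support_ro TO support_user;

-- Verify the role holds privileges on the masked view only.
SELECT owner, table_name, privilege
FROM   dba_tab_privs
WHERE  grantee = 'SUPPORT_RO';
```

Because the masked columns are computed expressions, optimizer statistics and any indexes on the base columns do not describe the values the view returns, which is the difference the reply warns about.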
What we usually do is create a READ_ONLY user (similar to the APPS user but with read access) on Non-PRODs. For some instances we also give developers access to the APPS user, but that is done only after data scrambling.
It all depends on how much emphasis you put on security vs. the trouble/extra work you will have to do.
Thank you so much for your response.