We're a small company with only a handful of employees. Our non-technical COO has asked that we setup a copy of the production database for him to use with a service like Chartio, because our (admittingly poor) admin dashboard doesn't meet his needs.
The COO wants to use a friend (a contractor) to help integrate the Chartio service with our database.
All our passwords are encrypted, but emails and names are stored in clear text. We handle payment processing through a 3rd party provider so we don't store any sensitive financial information except transaction totals.
Is this a bad idea, or am I being overly cautious?
PS: We'd be setting up the database server ourselves, so we'd have control over the firewall and such.
In the end, the company directors are there to make "big picture" decisions on behalf of the company, so I don't think I'd be prepared to put my foot down about doing something that's merely unwise (though I wouldn't do something I believed to be illegal - in many jurisdictions, "following superior orders" won't protect you against the consequences of breaking the law).
If it were me, I'd want him to instruct me in writing to give him the copy, and preferably in that instruction to confirm that he was aware of my concerns about that database leaving the company, but was instructing me to proceed nonetheless.
Document what you're doing and create the copy. If you're not exposing very confidential data (emails aren't exactly that) then there's no real harm. However, document! This way if something does happen (being cynical here) you're covered.
Subjective question, but I say bad idea, for one main reason: You're fixing a symptom and not the problem. What happens when Chartio no longer meets his needs? Then it's on to the next big thing, and another copy of your DB in the open.
The real problem is the database reporting solution. You didn't mention what DB you're using, but assuming something like MySQL then paying for chartio kind of defeats the purpose of using a free DB I feel. If you pay for Chartio then you might as well pay for MSSQL and have great reporting. I'm sure there are decent free solutions out there for MySQL reporting, although I don't know of one off-hand.
I agree with the answer to have it in writing and voicing the concerns (especially if you're the IT Security person), but I have a feeling this will open a precedent for the COO (and probably other big-wigs) dictating IT Policy. Just a thought, whose budget is this Chartio coming out of....?
Update
Lastly, setting up a 'copy' of the production db will really not be the best thing because it's a copy and will never be real time (I'm thinking you mean a literal copy and not clustering/replication).