A major lesson to take away from the Safe attack: developers should not have unilateral production access. AKA they shouldn't have production keys on their machines. All production code deployments should have to jump through peer review and involve multiple employees.