Oh, it's been true. It sounds like you've never worked in a wild-west type of environment. I have. I once worked at a company (2008-ish) where all the developers had a VPN direct into production. The production database had the same password as dev. "Accidents" would occasionally happen were a developer might spin up an app connecting direct to production, then start processing production batch processes.

And having a "locked room" doesn't mean anything when you have remote access.