This ideally will preserve all other state for the tool itself and is easily seen and surfaced by every on working in the Tool Labs environment.
Outcomes:
block logins of the tool (and flag attempts to syslog) stop all running jobs and webservices
Questions:
disable all cronjobs? block outgoing/ingoing mail? block database credentials (revoke replica creds)?