.. no one should have to access to production servers for anything other than pure upgrades and if necessary to read logs and inspect monitoring programs. If your organisation can afford a decent test server with the same basic hardare as the poduction servers you should simply clone it to the production environment.
In reality of course there are always mysterious problems that only seem to happen when a system is put into actual use. To catch as many of those a possibe, and without having to resort to panic changes in your production environment, both the test and production servers should have a decent set of monitoring software and the ability to produce as much logs as possible.
If you do all this and still have problems developers might have to look at the production servers. But any changes should be addded to the test server first, both to test it and to make sure that the test server is always updated when the production servers are. Once the fix is ready whoever is responsible for the production servers should approve the changes and make the update. This also makes sure at least two people know about any change made to the production environment
If you organisation is really small I don't really think it will matter is your developers have access or not. Then you should just give access to whoever you feel can handle it on a person to person basis.