How much access do you give users?

5 pts.
Tags:
Access Rights
Data Management
User access
I am auditing a enterprise data warehouse and am concerned at the level of access provided. I've found many users who have read, update, and delete rights to all working environments (testing, QA, Production)

Answer Wiki

Thanks. We'll let you know when a new response is added.

Three words: Segregation of Duties

Be sure that this is the criteria that you use to review the access levels.

——-

I give users the least rights that they need to do their job. Unless their job includes updating the data in the data warehouse (which it probably doesn’t) they should have SELECT rights only at the most, assuming they have rights to the data warehouse at all. Typically what I see is a data warehouse which pretty much no one can access, that spits out tons of reports nightly which are all that people can see.

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Schmidtw
    I agree with LabNuke99. If they don't use it, they don't need it. At my company, we give users a pretty limited control base despite starting them as power-users. Hope this helps! -Schmidtw
    11,330 pointsBadges:
    report
  • Kevin Beaver
    Interestingly you're not alone. In my work I see very few environments that are segmented or utilize the concept of segregation of duties. That certainly doesn't make it right...Look at how it's creating business risks - that's what matters at the end of the day. Login as a regular domain user and see what can be done from a malicious user's perspective. This is the stuff that'll get the attention of management.
    17,085 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following