jeudi 29 janvier 2015

Accidental DBA: why we need group permission vs open for the company as a whole


I am an accidental DBA here in the company. I am not a DBA, but I am very protective with my Data.


Now we have the company financial information and Inventory database. We created this SQL view to only show Inventory name and inventory description, active or not active status and location in the stock room. lets call this view vw_Group1Inventory


next step is I am split between two department. the inventory department wants a list of names who has access to this vw_Group1Inventory.and create a group then give read access to this group


GROUP1 Department want this view to be Open to the whole company. I am torn between both argument. Part of me want to be able to control a list of people, instead open to everyone in the company. but the other argument is that having it open to the whole company reduce overhead if we hire new people.


I do agree with both side. There are no sensitive information in this SQL view so it does not matter what people will see. also on the other hand our hiring process can/sometime forgets adding new hire to certain group.


can you give me your dba opinion. there has to be benefit to having this controlled in a group. other than just nice to have?


help me out please. thank you





Aucun commentaire:

Enregistrer un commentaire