Bruce Momjian <bruce@xxxxxxxxxx> writes: > On Wed, Aug 15, 2018 at 01:52:43PM -0700, Evan Rempel wrote: >> There are just a ton of configuration elements that the DBAs need to decide on and implement that require >> configuration of components that are outside of the database proper. >> >> It was a worthwhile discussion. One needs to trust the data stewards. > > Agreed. I just wish it had a more positive outcome. ;-) I think the key points to note are 1. At some point in the hierarchy of privileges, there is a need to have confidence and trust in at least one individual who will have (and need) sufficient privileges that restricting them via technology will become impossible as they will have sufficient power to circumvent anything. Typically, it will be more than a single individual to avoid the proverbial 'hit by a bus' risk. 2. Security comes at a cost. That cost is reduced convenience and increased bureaucracy. The challenge is getting the right balance where that cost is kept as low as possible while mitigating the identified risks. There is no one model which will suit all. 3. The principals of minimal privileges and separation of responsibilities is often a useful guideline. I have seen places where a 'Westminster' model is applied (distinct executive (C level), legislative (policy & Governance), judiciary (risk & audit). The real challenge with security is that it isn't actually a technology problem. It is a business problem. The technology can provide mechanisms to help address the issues, but technology alone cannot solve them. Where it becomes challenging is at the cross-over points. The executive should define overall high level strategy and direction, the legislature clarifies and codifies the strategies and business processes to enable staff to make appropriate decisions and the judiciary ensures everyone is playing by the rules. However, these three areas typically have only limited understanding of the technology (knowledge will typically increase as you work down from executive, legislature to judiciary). As DBAs, we need to understand the principals and risks and apply the technology in the best way possible to support the business and the defined strategies. Tim -- Tim Cross