Restricting access to your database is tricky when it comes to privileged users, such as database administrators who need to keep the databases running, developers who need to tap into databases to get them to work, or superusers who just need an inordinate amount of access to get their jobs done.
Privileged users are in a class of their own when it comes to database activity. Plain and simple, their extended access exposes the data to much higher risk: these users touch, move, and manipulate more data than the average user. So chances are higher that they'll make a mistake that compromises data, or will operate maliciously and undetected.

Some form of database activity monitoring is a key part of that system. But even more impactful -- and perhaps more immediate for less mature organizations -- is the often forgotten first step of employing the rule of least privilege. Do your privileged users really need the database permissions they currently have, and is their level of access appropriate?

The link for this article located at Dark Reading is no longer available.